French bank usability

Hello, This question is for French users.
For now my bank is “la banque postale”, with the DSP2, this bank requires the use of “certicode plus” with their android application.
Until recently, I could use it with my sailfish phone, now I just have a white screen.
One of you would know a bank that does not require the use of an android application to identify itself and already complies with PSD2?
My preference would be to be able to use only my browser or a native application like Foil Auth (although I don’t know if this is possible again).

Hi. Can’t you deactivate Certicode Plus? It’s not mandatory to enable it, if you don’t have a compatible device, they will instead send you a SMS once every 3 months, it’s called Certicode.
And it seems to be the same for many banks I’ve checked: Android app as the preferred solution and SMS if no compatible device:

  • Banque Postale
  • Société Générale
  • LCL
  • Caisse d’Epargne

I found one bank that proposes only either the Android app or a physical OTP device: Credit Mutuel

What seems to be clear is that no bank has implemented a standard OTP protocol, forcing us once again to rely on US-based companies to manage our money (or continue to be less secure), I don’t understand why :frowning_face:
If somebody found one, please share!

1 Like

Thank you for your answer.
I have alredy revert my option to certicode, but it is specified on the web site " Dans quelques mois, l’accès à vos comptes en ligne nécessitera une sécurisation renforcée ."
’ll find out about Credit Mutuel, juste in case.

Indeed, the SMS OTP is meant to die. It seems that it will take a bit more time than planned originally, but we will need another solution in a couple of years.
There are actually more banks that propose a physical OTP device: Caisse d’Epargne, HSBC, Banque Populaire, maybe others.
But that would be another constraint to need a physical device, when a standard OTP gives the same security!

Once thing that’s maybe possible is to dig into their Android apps to see if we can find a reusable token, like the author of SailOTP managed to do for Steam.