Your bank does not need to use the app trackers to spy on you. They already know everything important there is about you.
What the banks are worried about is fraud. Fraud costs them money. But the thing is, the app development cycles are long and complicated, and instead of a pragmatic approach, they just bolt on more and more obscure non deterministic authentication schemes and heuristic checks. That’s why the app wants to know things like your location and access to the list of other installed apps, and simple username and password are not enough to let you through anymore.
The device attestation for them is probably just another checkbox to tick on the list of “at least we tried”. Regardles of whether it’s actually relevant for security. As long as it saves them more money that it costs them, there’s no reason to not enable it.
Your bank does not need to use the app trackers to spy on you. They already know everything important there is about you.
What the banks are worried about is fraud. Fraud costs them money. But the thing is, the app development cycles are long and complicated, and instead of a pragmatic approach, they just bolt on more and more obscure non deterministic authentication schemes and heuristic checks. That’s why the app wants to know things like your location and access to the list of other installed apps, and simple username and password are not enough to let you through anymore.
The device attestation for them is probably just another checkbox to tick on the list of “at least we tried”. Regardles of whether it’s actually relevant for security. As long as it saves them more money that it costs them, there’s no reason to not enable it.