Honest question. Shouldn't this internet banking that offer authentication as a service do it via at least mandatory 2FA for log in. I would guess that way fake bank sites would be failing?

I dont have many banking relationships, using 2 banks and there is not even a password to remember, all login is done via authentication apps.