This is already what is happening with SafetyNet on Android. For now most applications don't require hardware attestation so you can pass by spoofing an old device that didn't support hardware attestation but I'm sure that will change within a decade.
Being able to trust the security of a client can protect against many attacks and it is up to web sites to evaluate what to do with into information that a client is proven to be secure.
SafetyNet means the app checks to make sure you're not rooted or running a custom ROM because those are considered a security risk. If you are not running a locked-down OEM ROM, you can't run many apps including banking apps.
Microsoft's Pluton on-CPU attestation technology means this is coming to PCs.
Keep it powered down when not needed for extra security.
Idealy, it could be smaller than a smartphone, and use smartphone's or laptop's hardware for UI and networking.
I don't want to have to agree to Microsoft or Apple's ToS so that I can access my bank.
I do not look forward to trying to find a bank that doesn't require this of me because all of the major banks have jumped on board.
Usually banks don't let you disable antifraud protections. They prefer to make their business and the banking system more secure by reducing the rate of fraud. Fraud is expensive for them to deal with so it doesn't really make financial sense to let customers say that they are okay with having more fraud happen using their account.