Agree with this. Either you'll get SMS OTP (which is free for the user, at least in the UK?) or they will send some 'calculator' or multi-colour-code-scanner device that generates OTPs.
(Honestly this last one was the most impressive bank security system I'd seen yet; for every individual transaction, you'd have to scan the code and the scanner device would tell you what you were authorising, then you put the PIN in and get a OTP to put back in the bank)
>>reitan+(OP)
that is just normal practice for business account transaction in my country????
business account can request such devices so if any malicious people cant withdraw funds without pressing a same combination in all devices (there are multiple devices)
so there is no rogue employee