2 factor verification conundrum

Could you make one factor an email address they could send code to

Feel your pain--had a heckuva time with frankly onerous security on my visa on a recent trip.
Could you "preauthorize" the transactions?
Can you change the notification to email instead of text?
My husband's chase sapphire encountered no problems, so in the future I will not use the troublesome card--as I told my bank.

Did you have to turn on two-factor authentication, and if so, can you turn it off? Or is this something that BOA put on your credit card?

Unfortunately, the financial institutions have set this up for text only as options, never giving the option of receiving an email.

On our last trip, after unable to do 2-factor with our credit cards I had an inspiration and for the Covid Reentry test and a pair of bus tickets we used our AtM-Debit card online. Two-factor did not come up and they went through. I suspect this would be because the recipient gets cash directly, although that is a guess. In any event, if you have a debit card (without FTF), give it a try.

This is a problem I will need to address this summer as my son and d.i.l. will be returning to Iceland long term (4 years or more), and we will need ways for them to access funds as may be needed e.g. (transfer from us) though their accounts here.

Well it's too late now but after encountering significant issues with BOA using their debit and credit cards in Europe I found a way around them. I moved all my accounts!

And I see as usual BOA's "outstanding customer service" gave their usual "too bad we don't care" reaction

This is one of the downsides of having a different phone number when purchasing a temporary SIM.

Solutions? – Use a dual SIM phone; put your US SIM back in the phone on these occasions; if possible opt-out of two-factor authorisation; as Richard says use an email address as a different method of 2FA; try an authenticator app e.g. by Google or Microsoft.

Not sure you can do this now, but you could set up a Paypal account and use that.

thank you all for your replies! glad to know that i am not the only one. many of your questions are as good as mine. can one even get out of 2-factor verification? i will definitely try that. verification code to email? one of the many boa 'customer service' people i spoke to assured me my email was listed as a recipient of the code but never got one. guess i will just have to deal with it. i suppose i have to be more pre-emptive next time (like get another card and ask the precise questions!). i prefer using a local sim because even using my verizon international 1-day plan is $10.00/day! i would rather spend that money in my host country than give it to a 'corporation are people' behemoth!

"put your US SIM back in the phone on these occasions"

And that will likely trigger a daily charge by the US provider, which is what people try to avoid by purchasing an in-country SIM card.
.
"can one even get out of 2-factor verification"

My bank will not allow "opting out" of 2FA - but they do offer email alerts along with SMS.

alomaker, install Google Voice on your phone (assuming it is a smart phone). This is kind of a forwarding service and gives you a new US phone number for calls and texting (does not replace your existing number unless you want it to - otherwise, you can use both). Then change the 2FA number in your account to the Google number. It will work outside the US or anywhere you have WiFi or mobile internet.

The only issue is that Google Voice does NOT support incoming calls without a US SIM card (last I checked). It does support incoming texts. I use Google Voice as my primary number even in the US. It works really well, though I have found that occasionally some services that use 2FA won't text to a Google Voice number...but most of them do - I've used it many times.

This is a common problem in the expat community.
You are not alone.

This won't help you now, but I use a Google Fi phone so I can receive US calls and texts in 100+ countries as if I were in the US.

What you’d want to do is ask about white listening your account, most likely they will use email for two factor.

thank you all for your suggestions. i'll try asking them to send the 2-factor codes to my email. i'll report back!

It is a pain, but see if this works:

1) Put your phone on airplane mode,

2) Replace the SIM card in your phone with your US SIM card,

3) Turn on wifi on your phone (but don't disturb the airplane mode setting),

4) Connect to wifi,

5) Wait for the 2 factor code to come through.

If successful, turn off wifi, switch the SIM cards back, and then turn off airplane mode. By getting the text over wifi you shouldn't get dinged with the daily usage fee. (At least in theory.)

I have a BofA card with two factor authentication. Normally it sends a text. But if I use the app to log in, there is a link that says "trouble receiving code?" When I click on that link, I am given an option to receive the code via email.

Does the online purchase process have such a link?

If your phone has an esim you can load your US account to it and turn off data roaming for it, using it at the same time as the European SIM. I can't speak to the others, but AT&T doesn't charge international roaming ($10/day) unless I actively USE the connection—I can receive texts and see (but not answer) incoming calls for free.

@ Scudder - I've just got the coffee going - so I wonder if can you expand on the load the US account to the eSIM i.e. what US account. Because SMS only works on cellular, isn't receiving texts the same as actively using.

And it seems like just a nuisance to do the 2 factor process for a 35 Euro lunch. None of the three cards (2 Visa, 1 MC) required a 2 factor process when we were in Italy a month ago.

Also our Wells fargo ATM card (and WF is set up for 2 factor) did not request this info when withdrawing euros. The only time this info is requested is when accessing the web account.

As I read again your message, i see that this was occuring for online orders - makes more sense. Assume your direct purchases are ok without 2 factor?

hello all,
thanks for all your replies. today was a travel day for me and i am just now sitting down to read your responses. i am yet to call boa so no new report on my end.

to clarify one point, yes, no issues with direct purchases (stores, trainitalia ticket machines, etc.) only online (museum websites, trainitalia app etc.).

@cwsocial; the "trouble receiving code?" message does not appear. only a message saying, 'your purchase requires additional verification... and then an 877 number. other times i get a, 'a verification code has been sent to your ###...(in my case my american number). no other option.

i'll keep trying...

ok, an actual update. spoke to boa and they said no they won't send the 2-factor codes to a foreign number and no they won't send it to my email either. of course, it's not boa's fault but it is the vendor that requires additional verification. well, i guess before i travel next time i will get a card that does not require 2-factor verification. i will be so p****d if I show up at the palazzo ducale first thing wednersday morning and all tickets are sold out for the day!

Have you always had 2 factor verification at home or did it somehow get activated when you went overseas?

I just went through all the same as alomaker….. I did finally get around it once with using a debit card instead. I have been putting off a phone call to ask about the email verification. My online purchase last trip didn’t offer Paypal as an option, but that would also be a solution.

@periscope
Many modern phones (including my 3.5-year-old iPhone Xs) can function with a regular SIM card and an 'eSIM' at the same time. This allows for two phone numbers/accounts to work on the device simultaneously. ex: work/personal, domestic/international. I have my regular, US-based AT&T account loaded on my eSIM. When I travel I turn off data roaming for that number and put in a foreign SIM—a physical SIM—with a pre-paid plan.

I don't know how other carriers work, but on AT&T, receiving SMS messages does not trigger the expensive daily fees for international roaming. Sending an SMS would trigger it. And seeing the phone ring doesn't trigger it, but answering that call would.

Thanks for that. So, my provider allows for the same way to receive SMS as AT&T, but it all falls apart when I purchase an in-country SIM that can also be used in another country BECAUSE I need to keep data roamimg ON in the new country - some more work needed on my part. Thankfully, all my friends and family are on iMessage and my bank has email alerts - so I don't have any problems with what's being experienced by the OP.

i suppose this is the last update for now. i gave in and used my boa debit card to buy tickets to the palazzo ducale in urbino. no issues. the actual price is 8 euros but i bet the 'international transaction fees' will probably double the cost. once i get back to the usa and before i travel again i am going to dive deep into finding a credit card and/or a method that will help me avoid the headache of 2-factor verification+an international phone number. i will look into all your suggestions and more are certainly welcome. safe and happy travels y'all!

Frank II, I was unable to use PayPal on our last trip as PP demanded 2FA to my US cell and I had a Swiss SIM.

We switched our service to T-Mobile just so we can have our US numbers abroad next trip and avoid these problems,s with financial institutions.

The problem could be deeper than just not having phone access. In the US 2FA is used mainly for accessing websites, as an added security feature in addition to a password.

What the OP is encountering likely is what is called MFA (Multi-Factor Authentication) which has become standard for online purchases in Europe (Actually, it may now be required). Problem is, much like the much discussed PIN for transactions, many US cards have just not implemented this function. Many European card issuers handle this by generating the numeric code and notifying the cardholder to authorize all within the CC transaction, independent of the business. If your CC is not set up for this, even if you have a phone with service, you will not get a code, and cannot complete the transaction.

Businesses with a higher volume of non-European customers may handle it as 2FA within their own system, (as opposed to letting the CC company handle it) in that case having a phone and an account with that company can get you a code and things work.

We used to have that here with Verified by Visa - but that seems to have sunsetted. Currently, I have 3 instances where I get an 2FA / MFA code, my bank (text and email) but only if I sign in through a web browser, never through the App with FaceID sign-in, my airline points account (both text and email) and 1 federal department (text or telephone call.)

I have never run into the issues the OP has faced and it's frustrating as hell that she had to resort to a less secure method to make her purchase. Hopefully, it's just a one-off thing with BoA and she can find a card issuer that works ON DEMAND.