I remember when I first entered the adult world paying my bills online was super easy.
These days, I feel like half the time I log onto some doctors office or mechanics website to pay a bill the site is like “yeahhhh, idk why but I’m just not going to accept your credit card. Also the button to the ‘finalize payment’ screen is grayed out even though you filled out everything.”
And they you email tech support and they’re like “idk delete your cookies I guess? That didn’t work? Guess you gotta mail us a money order.”
Then they could put that part behind 2FA is the thing idk. Too much effort I guess.
Segregating those systems isn’t always as easy as it sounds. Sometimes having those processes interact requires you put them on the same security level.