You're giving a MFA number to someone that called you?!

GolDDranks · 2025-07-17T16:01:31 1752768091

The bank I used to use had a per-verification request code that the app showed. If the party dealing with you knew the code, you could be sure they were the party who initiated the verification request.

LorenPechtel · 2025-07-17T19:00:36 1752778836

But you said you read back the code. It should be the other way around--*you* compare the code they give you with the code the app gives you. Give zero information until identity is confirmed.