2FA like security tokens with 6 digits does not protect against MITMA, i.e. in case then you PC infected and trojan can change all requests/responds.
You might not even know that you are trasfering money to a wrong account, for example.
The only solution would be a proper "calculator" type tokens with MAC signature but that is really not user friendly.
have you seen the challenge?
However, once the space is overwritten with other data, there is no
known way to recover it. It cannot be done with software alone since
the storage device only returns its current contents via its normal
interface. Gutmann claims that intelligence agencies have
sophisticated tools, among these magnetic force microscopes, that,
together with image analysis, can detect the previous values of bits
on the affected area of the media (for example hard disk).
This has not been proven one way or the other, and there is no
published evidence as to intelligence agencies' current ability to
recover files whose sectors have been overwritten, although published
Government security procedures clearly consider an overwritten disk to
still be sensitive.
Companies specializing in recovery from damaged media cannot recover
completely overwritten files
In fact, physical damage got more chances for recovery then simple DD.
So why do you still want to use a device for that?
we should turn around such violations so developers would become happy if someone try to do it again.
Go and complain to http://gpl-violations.org/ or similar. I suspect they know how to deal with it, how to win the case and make some money possible.