Sorry, my mistake, they co-authored the Web API for accessing FIDO 2.0 credentials, and are part of the W3C working group which is producing a new web authentication API https://w3c.github.io/webauthn/ My guess is that they'll wait until this is finalised, and implemented in browsers before reworking their second factor auth. Which probably means 2 years or more from now. Which is a shame, since Facebook just added FIDO U2F, and in the meantime 2FA on PayPal is poor/annoying/buggy.
... View more