Mandated is the wrong word. “Required for absolutely everything” is more precise. In Denmark you need an app called “MitID” to do any kind of digital verification. You can’t do online purchases, banking or digital bureaucracy without it.
It’s not really. Much better then US’ lack of any one consistent system (or even lack of electronic option) and random OTP generators. But makes switching phone OS feel like a pretty big risk.
I mean it may be pretty well done and thus ‘safe’ (curious if said app is open source?), but it sounds like you, as an individual, are tracked for most of your activities. Is cash still a mainstream option for payment?
Also, it’s probably a costly stretch and really depends on your threat model, but could still have a phone with said app for any activity that requires it, and another one running GOS for a more private use.
How do people who don’t have smartphones do it? Is there some harder roundabout way?
You can use a keychain OTP generator (in Norway). I have no clue how it generates verifiable codes. The phone app is more convenient, and to the point at hand, actually connected to the internet/NFC. In any case it’s factor 1 in a 2FA (And then some), so the same way any 2FA would work.