I’ve probably been using Google Voice for 15 years. It is an awesome service that allows me to have a phone number that is disconnected from my phone company and perfect for keeping my personal and business life separate. I’m able to use it on any web browser. It is extremely useful when traveling over seas.
Over the last few years it has become increasingly more difficult to rely on my Google voice number. Five years ago it became a real problem with Citibank. More recently AARP refuses to accept it. Even Meta refuses to acknowledge that VOIP phone numbers are valid. This caused me to loose access to my WhatsApp account and years of conversations. Recent changes with American Airlines and Barclays have ended that relationship and forced customers to return to Citibank. It is therefore with great reluctance that I have to give my real phone number to my bank. That’s probably the one that hurts the most.
When I was applying for the new city card, I had to listen to the poor customer service rep read the litany of conditions and terms for the card. There was a section on there where I agreed to give city access to my phone records. She referenced a particular federal law regarding banking identity. 
USA PATRIOT Act (31 CFR § 1020.220 – Customer Identification Program, CIP)
- Requires financial institutions, including credit card issuers, to verify the identity of customers opening accounts. A phone number is often collected as part of this process to prevent fraud and identity theft.
Bank Secrecy Act (BSA) / Anti-Money Laundering (AML) (31 U.S.C. § 5311 et seq.)
- Requires banks to maintain customer records and transaction data to prevent money laundering and financial crimes.
- Customer Identification Program (CIP) rules under the USA PATRIOT Act (31 CFR § 1020.220) require financial institutions to collect and verify customer contact information, including phone numbers.
Federal Deposit Insurance Corporation (FDIC) and Office of the Comptroller of the Currency (OCC) Regulations
- Require banks to maintain accurate customer contact information, including phone numbers, as part of risk management and fraud prevention measures.
So while none of these rules state that the consumer must have a cell phone, they give a lot of leeway to the corporations to make it difficult for people without a cell phone or a landline. In the case of Citi, whenever their system detects unusual behavior, they lock the account and require the customer to jump through the verification questions. Examples of suspicious behavior for this travel card include traveling and putting the card in a digital wallet. Every time I got a new phone or new watch, I knew I was going to spend the next two hours trying to prove my identity. I quickly learned not to do anything suspicious like that while traveling as failure to prove my identity would result in the card being canceled, and I’d have to wait for a new card to show up in the mail for the process to start all over again. Depending on who answers the phone this can take the form of a simple phone call or email verification but more often meant waiting for a letter in the mail. Once I waited for the letter to come in the mailed, logged in, and was immediately locked out again.
As I am now waiting the 7-10 days for the post mail verification code to show up, I’ve given up on this tiny protest to protect my privacy. The corporate overlords have won. I have to use WhatApp so now Meta has my phone number. I want to keep my AARP account (more) secure and all they offer is insecure SMS. Citibank is going to make it excruciatingly difficult to be their customer unless I share my phone number with them. So be it. I know Citi is not really interested in security. They just want my phone number as a method to track me as a consumer.