Yesterday was trying to pay with PayPal (protected by hardware key/yubikey) via Android and it said: Supported on desktop only...

And another thing: https://www.paypal-community.com/t5/Managing-Account/Why-am-...

Right, this still has to do with WebAuthn/FIDO2. PayPal can not tell if I am using Google Authenticator or if I am using Yubikey TOTP.

I would absolutely love if more services supported WebAuthn/FIDO2, of course, but Yubikey TOTP is supported everywhere Google Authenticator is.

Oh I thought you meant those usb devices that need to be set up, like google titan and similar.

Ah, no, these can connect to a PC over USB and to a smart phone over USB or NFC to generate a 6 digit TOTP code, just like Google Authenticator does.

They can also do more sophisticated things, but that's not what I was referring to here. Those sophisticated and more secure things are supported by Google, Facebook, Dropbox, Github, etc, but not by most banks. Banks are so slow with this stuff and still do SMS-based 2FA which is absurd to me.