To a robot, the act of moving meat into physical proximity with a switch might be considered to be an equally obscure action. As a component of a 2-factor system to prove token possession, either seems quite adequate.
The use of U2F tokens as single factor auth seems to have promulgated thanks to this implicit 3rd factor keeping the situation moderately at bay. I posit that this is largely the same reason that keys and locks remain relatively secure despite the fact that almost all of them are trivial to bypass or duplicate. The physical access bit is just so damn inconvenient for the typical modern white-collar criminal.
The odds that any malware would both locate this API and actionably utilize a generated OTP are slim to zero.