Very good point. "What you see is what you sign" is a powerful property, but it does often need some support on the side of the signature verifier to make it possible.
Reading through an entire email (maybe MIME multipart encoded) on a small OLED screen isn't fun; on the other hand, something like "confirm transfer of €x to IBAN y from your account z" would be great – but needs support of your bank.
That support is incredibly hard to get. Android has supported "protected confirmation" [1] for many years now (on Pixel devices), but I have yet to see support for it by any real-world service I'm using, and I'm not holding my breath, since I can't even use FIDO with any of my banks...
Reading through an entire email (maybe MIME multipart encoded) on a small OLED screen isn't fun; on the other hand, something like "confirm transfer of €x to IBAN y from your account z" would be great – but needs support of your bank.
That support is incredibly hard to get. Android has supported "protected confirmation" [1] for many years now (on Pixel devices), but I have yet to see support for it by any real-world service I'm using, and I'm not holding my breath, since I can't even use FIDO with any of my banks...
[1] https://developer.android.com/privacy-and-security/security-...