This would also open the door to actually secure online card payments by just tapping the physical card (or Apple/Google Pay) instead of relying on static card numbers & hacks such as 3D Secure.

I don’t know what I’m talking about, but isn’t the Secure Enclave already a solution to this? Fido cards just sound like an external solution that all iPhones and new MacBooks already have integrated (T2)

Sure works when you have only one computer in your life (aka almost nobody). It’s especially bad with Apple with 3 different usb standards. Contactless is the future.

What's stopping you from linking more than just one physical FIDO-enabled device to a particular site/service? Most MFA implementations I've seen already allow this, and it seems especially important if you want to minimize the pain of losing/damaging that one sacred card.

AWS, for example, only permits one MFA device per IAM user account. I have four computers and four tokens. :/

I don't carry any keys so those massive dongles would be pain. Plus must is not ALL which breaks everything.

Mobile phones can be FIDO enabled. (see https://developers.google.com/identity/fido/android/native-a... )