Sure, banks must enforce good security, but a lot of other things should not care.
Like online stores for example. As long as I am paying paypal, the only info my account has is email, address and recent orders. One can google my address in about 20 minites anyway, and this means I really don't care about account security. If there was an option to login without password using email alone, I'd probably pick it.
Why would you need an account at all, that just raises the risk (of a data breach) for the buyer? I always prefer not having to have yet another account to buy something.
Yes, if there is a "no account" option, then this is even better.
But sadly a lot of places I saw do not offer this -- you are forced to make an account to purchase. I am not sure why. Maybe they think they can improve engagement/recognition by forcing users to make an account? Or maybe they are too lazy to implement no-account workflows? Or a misguided thought that sending detailed receipts by email is bad?
(The goal of store accounts are: (1) provide list of active orders; (2) for individual order, show user the order status; (3) once order is complete, show order details with easy re-order links. This can definitely be all done with email, but this seems to be unpopular with some users. So many stores have to implement web-only flow, which needs account for authentication. And at this point, many of them just stop.)
Sure, banks must enforce good security, but a lot of other things should not care.
Like online stores for example. As long as I am paying paypal, the only info my account has is email, address and recent orders. One can google my address in about 20 minites anyway, and this means I really don't care about account security. If there was an option to login without password using email alone, I'd probably pick it.