Although people complain about too much security, one does not need to look further than the newspaper to see why.

US law won't allow it, but perhaps the solution is to permit people to choose their own level of security, but only if they are willing to accept the fraud risk. One could then choose an account with close to no security, but if it is hacked or otherwise penetrated, it is the customer's tough luck.

Not a criticism of OP, but simply a reality.