My issue with magic links is what happens to someone who utilises MFA that relies on their mobile? If they loose their card + phone they will be unable to receive a magic link to block
their card by logging into the web.
Monzo do not answer their phones it seems.
Also some people do not have email on their mobile which means they need to manually type in the magic URL which is annoying.