In my own Portugal, which is a very turistic country and also towards the bottom of the GDP-per-capita scale in the EU, things that would likely work very well would also be:
- Crack down on AirBnB
- Forbid ownership for non-residents.
Portugal currently has a massive house inflation problem (extra massive, because of how low average incomes are here) and a lot of it has to do with residential housing being removed from the housing market and turned into short term turist lets (for example, over 10% of housing in Lisbon has been turned into AirBnB lets) and foreign investors (not just big companies but also individuals, such as well off pensioneers from places like France) pulling prices up by being far less price sensitive than the locals as they're buying residential housing as investments having far more money available than the average Portuguese.
Having lived in both Britain and Portugal during housing bubbles, what I've observed was that the politicians themselves purposefully inflate those bubbles, partly because they themselves are part of the upper middle class or even above (especially in the UK) who can afford to and have Realestate "investments" and hence stand to gain personally (as do their mates) from Realestate prices going up and partly because the way Official GDP (which is supposedly the Real GDP, which has Inflation effects removed) is calculated nowadays means that house price inflation appears as GDP "growth" since the effects of house price increases come in via the "inputted rent" mechanism but the Inflation Indexes used to create that GDP do not include house price inflation, so by sacrificing the lives of many if not most people in the country (especially the young, for example the average age for them to leave their parent's home in Portugal is now above 34 years old and at this point half of all University graduates leave the country as soon as they graduate) they both enrich themselves and can harp in the news all about how they made the GDP go up.
All this has knock on effects on the rest of the Economy, from the braindrain as highly educated young adults leave and the even faster population aging as people can't afford to have kids, to shops closing because most people have less money left over after paying rent or mortgage so spend less, plus the commercial realestate market is also in a bubble so shops too suffer from higher rents. However all this is slow to fully manifest itself plus those who bought their houses before when they were cheaper don't feel directly like the rest, and they generally don't really mentally link the more visible effects (such as more and more empty storefronts) to realestate inflation, much less do more complex analysis of predictable effects, such as how the braindrain and fall in birthrates will impact their pensions in a decade or two.
Those little boxes are just a bit of hardware to let the smartchip on the smartcard do what's called challenge-response authentication (in simple terms: get big long number, encode it with the key inside the smartchip, send encoded number out).
(Note that there are variants of the process were things like the amount of a transfer is added by the user to the input "big long number").
That mechanism is the safest authentication method of all because the authentication key inside the smartchip in the bank card never leaves it and even the user PIN never gets provided to anything but that smartchip.
That means it can't be eavesdropped over the network, nor can it be captured in the user's PC (for example by a keylogger), so even people who execute files received on their e-mails or install any random software from the Internet on their PCs are safe from having their bank account authentication data captured by an attacker.
The far more common ~~two-way-authentication~~ edit: two-channel-authentication, aka two-factor-autentication (log in with a password, then get a number via SMS and enter it on the website to finalize authentication), whilst more secure that just username+password isn't anywhere as safe as the method described above since GSM has security weaknesses and there are ways to redirected SMS messages to other devices.
(Source: amongst other things I worked in Smart Card Issuance software some years ago).
It's funny that the original poster of this thread actually refuses to work with some banks because of them having the best and most secure bank access authentication in the industry, as it's slightly inconvenient. Just another example of how, as it's said in that domain, "users are the weakest link in IT Security".