Hardware Security Module device can solve this
The problem is that, from the way the phone networks are designed up to the device of the client, everything is vulnerable in so many ways!
Just having access to some telecom carrier in some country (like, say, paying someone to install a backdoor) gives access to most telecom carriers around the world... and with that and the phone number you can get the code in your terminal from even people on the other side of the world without even getting close to their phones at all... so this system is flawed!
What then? What can banks and everyone else do?
For normal authentication maybe people just need SQRL (Secure Quick Reliable Login), and for authentication of requests/operations some digital signature... if SQRL can't perform that too.
The best is that this can be done in some Hardware Security Module (HSM) device... like, say, the size of a credit card calculator, to fit a wallet or the pocket, but with a privacy display, integrated keyboard, camera to recognize QR codes and just the ability to connect to reader devices physically (like, say, ATM machines; points of sale; readers for internet web sites;...). Of course people can have their own readers, or readers can be integrated into new smartphones/tablets/laptops so that this would work almost seamlessly.
The device itself should display the action, where the user is trying to log in/authenticate something, what exactly is being requested from him/her, and give the choice to choose from multiple private keys (so that every bank/service can have their own key associated, if SQRL can't be used), and that is it.
To protect the device the sky is the limit; a finger scanner plus some password (displayed randomly) would be a good solution (something you have plus something you know... something you have may be demanded/removed from you (like, say, by criminals), but something you know depends on your own will).
Of course exporting the private keys should be either impossible (the most secure option) or done just by using the device itself to create encrypted backups (no external way to request that)... that isn't so secure, but allows recovery if you lose/destroy the device or someone steals it.
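The flow described in this comment (one key per service, the request shown on the device, a signature only after the user confirms), as an added sketch that is not part of the original comment. Ed25519 as the signature scheme, the `Request`/`Device`/`Enroll`/`Approve`/`Verify` names and the `bank.example` sample are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Request is what a service asks the user to approve (hypothetical format).
type Request struct{ Service, Action, Nonce string }

// bytes quotes each field so the signed encoding is unambiguous.
func (r Request) bytes() []byte { return []byte(fmt.Sprintf("%q|%q|%q", r.Service, r.Action, r.Nonce)) }

// Device keeps one private key per service; there is no export method.
type Device map[string]ed25519.PrivateKey

// Enroll creates a key pair for a service and returns only the public half.
func (d Device) Enroll(service string) (ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand.Reader
	if err != nil {
		return nil, err
	}
	d[service] = priv
	return pub, nil
}

// Approve passes the text for the device's own display to confirm and signs only on a yes.
func (d Device) Approve(r Request, confirm func(shown string) bool) ([]byte, error) {
	priv, ok := d[r.Service]
	if !ok {
		return nil, errors.New("no key enrolled for " + r.Service)
	}
	if !confirm(r.Service + ": " + r.Action) {
		return nil, errors.New("user declined")
	}
	return ed25519.Sign(priv, r.bytes()), nil
}

// Verify is the service side: the signature must cover the exact request it issued.
func Verify(pub ed25519.PublicKey, r Request, sig []byte) bool { return ed25519.Verify(pub, r.bytes(), sig) }

func main() { // constructed sample service, action and nonce
	d := Device{}
	pub, _ := d.Enroll("bank.example")
	req := Request{"bank.example", "Transfer 50 EUR to ACME", "nonce-1"}
	sig, _ := d.Approve(req, func(string) bool { return true })
	fmt.Println(Verify(pub, req, sig))
}
```

Because the signature covers the service name, the displayed action and a server-issued nonce, a request altered after approval or replayed with a different nonce fails verification on the service side.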