In the Netherlands (and beyond) online payments (shops, Steam, etc.) are made via the IDEAL platform run by the Dutch banks collectively. That is a good thing, because payments are secure and easy, and no one needs a credit card. But that does mean using your bank's web service to approve those payments.
Using the bank's offline OTP hardware (where you insert your debit card and enter a PIN and the code generated by the bank's website for an OTP) is possible, but using the app is significantly less effort than that. There is very little point in resisting it. It's not a healthy situation, but it is the reality.
If you install the app then you are complicit in normalizing the requirement of signing terms of service and data sharing agreements to US technology companies in order to do banking.
Be the person that demands better. Be the squeaky wheel. Call politicians and press if needed. Stop this shit now before it becomes expected for school and healthcare too.
It's impossibly convenient to be perfectly fair with you, however I know that my bank has stopped issuing the "BankID Card" (which was a card and pin device that allowed you to generate challenge numbers)- and now forces you to use the BankID app -- which will not run on rooted phones of course.
It's even slightly worse as the App requires NFC; so I can't keep a backup on my iPad (which is what I was doing before).
Feel free to say you are a member of the Church of Cryptography and that installing proprietary corporate controlled apps is against your religion.
Never been asked to install an app for banking, but a health care clinic dropped me as a patient for not buying a phone that can install their app. I was the first case where a patient refused to conform. Found a new clinic who was willing to earn my business with phone and email correspondence. The original clinic escalated the case to corporate HQ when I filed a public medical malpractice complaint, and they ultimately responded by adding a webapp.
DEMAND the right to live your life without corpotech in your pocket. I am now 5 years without a smartphone working as an engineer and founder with an active social life who frequently travels and it can absolutely be done.