One option to do this would be some sort of new dynamic blockchainbased-2FA - this is something that wasnt invented yet but its fully practical and possible to implement from a technical point of view. So in this case you d for example need to invent a new 2FA derivation path algorithm that is taking as input only one single private-key - and it would deliver a new dynamic key (=2FA key) each N blocks or seconds based on this privkey. Based on an initial timestamp this new 2FA-derivation-path algorithm would always know which 2FA-key to show you - and any application/wallet could use the same data to verify the key. This would work pretty well as the worlds first native blockchainbased 2FA technology. Of course you d need to pack it into a secure chip that is utlizing this algorithm - and there you go.
We, the Komodo Platform coreteam, are offering a bounty of 25.000 USD + a fulltime job offer for the successfull implementation of the above described technology on top of Komodo. (functional prototype fullfills the reqs).