ETH is designed with transfer-and-call as the default behavior in a transaction. Unfortunately, EIP-20 is not designed with that pattern in mind and newer standards (EIP-223, EIP-667, EIP-777, and EIP-995) are too late to replace EIP-20 as the de facto standard.
Application and router contracts have to use the approve-then-call pattern which costs additional n*m*l allow (or permit) transactions, for n contracts, m tokens, and l user addresses. These allowance transactions not only cost enormous amounts of user gas, waste network storage and throughput, and worsen user experience, but also put users at serious security risks as they often have to approve unaudited, unverified and upgradable proxy contracts.
The Universal Token Router (UTR) separates the token allowance from the application logic, allowing any token to be spent in a contract call the same way with ETH, without approving any other application contracts.
Tokens approved to the Universal Token Router can only be spent in transactions directly signed by their owner, and they have clearly visible token transfer behavior, including token types (ETH, EIP-20, EIP-721 or EIP-1155), amountInMax, amountOutMin, and recipient.
The Universal Token Router contract is counter-factually deployed using CREATE2 at a single address across all EVM-compatible networks, so new token contracts can pre-configure it as a trusted spender and no approval transaction is necessary ever again.