Hello,
My banking application just warned me that in further updates, it will stop working on modified or rooted devices.
Is there a way to hide to the applications that they are not running on the device's original OS ? It's gonna be a problem if it refuses to work on Graphene...
Thanks !
If your bank is switching to check the hardware attestation API, there is nothing you can do. You can complain and ask them to add GrapheneOS support, but I am not aware of any successes. https://grapheneos.org/articles/attestation-compatibility-guide
DuxBellorum My banking application just warned me that in further updates, it will stop working on modified or rooted devices.
Might they have a web site that works on your phone?
minxes0v
Indeed, it's probably what they intend to do. Thank you for the explanation, I can always ask but I doubt my request will have any weight in their security consideration. Too bad.
de0u
Yes they have. I'll still have this at least... I'll lose the payment validation with the device, the biometric authentication, and hopefully not too many other features.
DuxBellorum I think any intent to inform your bank about GrapheneOS and to ask them to include it in their safe os list is welcome.
A few days ago I complained to my bank about the same message you're getting, letting them know I'd probably have to switch to another bank if the app eventually did stop working on my phone. I mean, no payment validation is just impossible. I sent them the GOS guide for hardware integrity check linked above.
So far I haven't been able to login through the browser on my phone since it requires scanning a QR code to authenticate the connection... 🥲
I did try to go on just using the browser when this happened to me, but eventually my former bank decided that it seemed suspicious. I did request they support Grapheme, but only got the usual "Thank you for the feedback."
I have accounts at a few different institutions and this was the impetus I needed to switch. Luckily all the my newer accounts have higher APYs and allow paycheck access two days early
The odds of anyone getting a bank to acknowledge or accept GOS as an acceptable OS for transactional use are approximately 1 in 23 Billion. /s
happy_hippo I have been using Vanadium for my banking needs for about a year now. Was working at first, then stopped but resumed after enabling JIT. You may want to ensure Vanadium has camera permission for your use case, also any reasonable bank should give you more than just one way to login (that actually works) or I'm gone. Barclays offers me three ways. I am happy (in a minimalistic setup sort of way), need hardly any apps with the blessing called Vanadium. There are times when you can not be too private in order to get things done, but better done with a FOSS tool than using proprietary stuff (I am looking at you Google Play Services).
If there was bank that officially said they had GrapheneOS support, they would surely benefit from dozens of new customers!
Most banking apps are privacy nightmare anyway. They force you to accept hundreds of of permissions (atleast in my country). So, I am not sure if they will welcome GrapheneOS or any privacy focused software.
I had a talk with my "eco bank" about this too. This is not FOSS world, its not even "we use an OpenBSD malloc because it is secure".
Its all about security by obscurity, and "who pays if there is a flaw". I suppose in Androids case this may be Google.
missing-root The worst trend to come out of the modern tech industry is the concept that security is secondary
