Nordea Mobile (danish) claims malicious software running

altair0001

I did, in no uncertain terms, ask the representative to forward the critique to their dev team

fid02

Can confirm that this occurs also with the Norwegian version of Nordea Mobile (Play Store link). I have attempted the troubleshooting steps listed here.

It's using the open-source RootBeer library, but looking at the app logs the OS passes all of RootBeer's checks. The app is likely using the Play Integrity API.

I get the same message about an accessibility service running on my device. But guess what, when I run the app on stock PixelOS with an accessibility service actually running (Bitwarden, for testing), it does not give a toss! It lets me proceed as normal.

This is ridiculous security theater.

I'm not a Nordea customer. I could try contacting them as a potential customer (which I am, in truth) and point out this flawed approach. I hope customers of Nordea will reach out to them as well. Will be beneficial to send them the attestation guide: https://grapheneos.org/articles/attestation-compatibility-guide

altair0001 After a chat with the bank, they claim the mssage is not from them, and after contesting that, they proposed to switch the standard browser to chrome

It sounds like the support agent had never heard of the app's root checks before. It's likely they haven't been informed of any recent change regarding root detection or Play Integrity in the app. The development team likely didn't inform any support staff.

fid02

Finnish version of the app is also affected. Confirmed by a user on Discord.

Just tested and yea the Finnish version also gives the same error

Nordea is a pretty major bank in the Nordic countries, if my impression of it over the years is correct. This is bad. There's still hope, as a recent example there was a bank called Starling that reverted their usage of Play Integrity after user complaints.

Light

fid02 Can confirm this... I called them and they had no idea, I asked wtf they going through my phone. Smh... Might switch. O+ 8Pro.

josef

Same problem with the Swedish version as mentioned above. My mother had to make some payment yesterday evening and got really annoyed when she couldn't open the app... 🙃

altair0001

Thanks for all the insight.

I wrote a mail to Nordea explaining the situation and linking to this topic.

I kindly asked them to reconsider accommodating customers who hadn't sold their soul to Google or Apple.

In the meantime, I might as well have a look at other banks' apps.

[deleted]

altair0001 I do understand the convenience using an app provides. Take into consideration that you can bank using your browser which Vanadium is more than competent to do and I have been doing for quite some time now without any issues with full functionality. Banking through browser was still normal a decade ago and I fully trust Vanadium's hardening, logging out after the session and not accepting cookies, my privacy is better overall.

comfylivia

This also occurs on the Finnish version of the Nordea Mobile app. It worked without any issues until a few days ago after the app was updated.

nachtschatten

[deleted] According to EU law there is mandatory two-factor authentification for banking. Most European banks have discontinued older methods of authentification and have a mandatory app for this. So, even if you do your banking through the browser on the desktop computer or with vanadium on your mobile you still need the banking app to log in and for any transactions.

fid02

[deleted] not accepting cookies, my privacy is better overall.

Your browser will be saving a cookie on your device when you sign into the banking site.

Not sure how your privacy is any better compared to using the app? They will still be able to track what you are doing within the website while you are signed into it. There's no protection from that. Unless I am missing something?

Not clear to me what the intention of your post is. This thread is about the misbehaviour of a specific app. If you would like to make an argument for the non-use of massively convenient banking apps on a highly secure OS, perhaps you could start a new topic on this? Would be happy to discuss it further there.

Will be writing to Nordea as a customer shortly. Moreover, based on the fact that they are blocking a fully patched and secure Android OS, while at the same time allowing devices that are years behind on critical security patches* – and that their alleged security measures against accessibility services do not actually work – I think it's fair to leave a one-star review on their Play Store entry.

*the app's minimum required version of Android is Android 7.

altair0001

[deleted] this comes down to the app being more convenient than the browser. Either way, here in DK, we're forced to use some kind of 2FA. In my case it's a physical TOTP device, so there's really no difference in that regard. I don't NEED the Nordea app. I just happen to like it better than the browser experience.

[deleted]

nachtschatten not true

[deleted]

fid02 thank you for giving me the final push.

[deleted]

fid02 considering the security issues of said app that you mentioned and lack of flexibility of app development team, I am surprised that you let them handle your currency. I would like to hear the outcome of your correspondence with them. Most likely they will be dismissive or play for time. I would definitely prefer a product that lets me bank on my own terms, not someone else's.

fid02

[deleted] You are leaving the forum because of my post? I read your profile info just now. Please note that I appreciate feedback and critique towards what I'm writing. If you see my post as toxic, please say so, and report it to the mods.

fid02

[deleted] My post might've been too cross to be constructive. I apologise for this. If you would like to give me feedback, feel free to DM me on Discord (fido_2) or Matrix (fido_2:matrix.org)

other8026

Just a reminder that if situations like this arise, members of the community can contact members of the moderation team. Most, if not all of us have contact details in our bios so issues can be handled privately.

altair0001

I forwarded this topic to the mobile app team at Nordea. I don't know if they decided to filter my aliassed mail or whatever, but I still haven't received, even a report about it being received. So I will forward it again via my customer service rep.

lbschenkel

Hi all. Can you guys post your combination of Phone model, GrapheneOS and Nordea app+version?
I'm asking because I have Nordea app installed (DK version), and I am not experiencing this. It continues to work for me.

app: dk.nordea.mobilebank version: 4.16.1 (1002744)
GrapheneOS: 2024052100
Pixel 6

altair0001

lbschenkel

Same except Pixel 7 pro + Pixel 7

comfylivia

lbschenkel

app: fi.nordea.mobilebank version: 4.16.1.3002839
GrapheneOS: 2024052100
Pixel 7a

I'm encountering this issue. It only started occurring after the update from 4 days ago

wpvxqqpv

- app: no.nordea.mobilebank  
- version:  4.16.1 (1002820)
- GrapheneOS: 2024052100
- Pixel 6 pro

lbschenkel

wpvxqqpv Are you encountering or not encountering errors in your Pixel 6 Pro?