zfnmxt I noticed that the latest 20231023 release is no longer experimental for Pixel 8. Are you willing to upgrade to this release and test the two scenarios below?

  1. checking if MitID 3.1.1 still works (I expect it will, there is no reason to break)
  2. upgrading to MitID 3.2.1 to see if it works now

Naturally you may lose your MitID if step 2 does not work, will need to uninstall, reinstall 3.1.1 and re-enroll. I'm not sure if you're willing to do that.

Otherwise it would be nice if anybody who has a Pixel 8 + 20231023 could try installing MitID and reporting if it crashes or if it shows any error message during startup.

    1. 3.1.1 works on 20231023 on the Pixel 8.

    2. Note that 3.2.2 was just released with "Bugfixes for Pixel 8/8A + Android 14" as a release note (I guess they mean 8/8 Pro). Unfortunately I can't try the update (nor 3.2.1) until my backup MitID code generator arrives. Should be soon; I'll update then.

    Curiously some users on 8/8 Pro are reporting crashing on 3.2.1 like I saw, presumably on the stock OS, so maybe the issue was GOS-agnostic afterall.

    Someone with Pixel 8 please report if version 3.2.2 works with 20131023. Given that this particular version was released to address issues with Pixel 8, I am assuming that it should work.

      lbschenkel

      Pixel 8 UD1A.230803.041.2023102300

      Mitid 3.2.2

      Works totally fine. I do not have a Danish ID so I didn't proceed too far into the app but I can confirm that the app opens and seems to behave quite nicely.

        lbschenkel I can also confirm 3.2.2 fully works on the Pixel 8 with build UD1A.230803.041.2023102300

          9 days later

          is it just me that cannot get it to sign in?
          pixel 7 pro
          when scanning the passport it just fails after a minute or two.

          tried from aurora aswell as google play store.
          gps has network access.

          everything is updated to latest as of now, which according to the gist should work?

          Version 23.35.14 (190400-561707045)

            LGXerxes I just to point out that if you can reach the point of scanning the passport without the app complaining that you are rooted, the app is "working" in the sense that it would have behaved the same way as stock Android and it is not refusing to work due to detecting something different with GrapheneOS.

            That said, which country's passport are you trying to read? Is it failing to read it at all or does it give an error after reading? Can you try to read your passport using ReadID Me to see if that works?

            Although MitID claims to support any biometric passport, I have multiple citizenships and the app just works for one passport but does not work for another: it reads the passport but then it shows an error and does not proceed. I know it is the app rejecting the passport and not the passport failing to read because the passport can be read successfully via ReadID.

                lbschenkel thanks for your input!

                it seems theat it is just not working for pixel7pro?

                as on my xiaomi mi9t pro on the same mitid version scanning of the passport works.

                it is a Danish passport.

                and reading with ReadID me, works fine :(

                    lbschenkel
                    it scans, the dots fill up. but it is thinking.
                    then at some point it complains about to many tries and i have to start over again.

                    my thought was that it tries to validate some data somewhere but it is not able to reach it. but i think I've removed all hardening on mitid and give alot of accesses to GPS and play store.

                      11 days later

                      Just a FYI: new MitID version 3.2.3 works in GrapheneOS versions 20231031 and 20231115.

                      I had the same issue with MitID on GrapheneOS. It said my device is rooted, but it's not. I updated GrapheneOS recently, so maybe that's the prob. Can someone with an older GrapheneOS version check if MitID works for them It seems like there might be a hiccup with the MitID app on GrapheneOS. The message about the device being rooted popped up, but the phone isn't rooted. Could be an update thing. Maybe someone with an older GrapheneOS version can check if the app works without showing that message? If it's just happening after the recent update, might be a bug. Could really mess things up for folks in Denmark if it's not sorted out.

                        I am no longer able to login to the site with MitID. I can enter the code of MitID but nothing happen afterwards.

                          Grkrz mitID works but it is not possible to login to any sites on Vanadium.
                          Something is not allowing to continue to enter the site after conformation from MitID.
                          I have tried with Firefoks and works.

                            I can confirm that MitID login flow is currently broken in Vanadium: the MitID app itself works but when control is back to Vanadium, it does not redirect to the post-login page.

                            I could reproduce this when trying to login in mitid.dk and when trying to login in my bank app. Switching default browser to either Firefox or Chrome fixed the issue.

                            I tried to relax every possible setting in Vanadium but I could still not make it work.

                            Note that I am 100% certain that Vanadium used to work months ago. In fact, to login to my bank app I was forced to change default browser from Firefox to Vanadium because with Firefox it always got stuck in the post-login phase, in a similar way that it is happening now. Now the situation has reversed.

                            I am not quite sure if this is due to something changing in Vanadium, or due to the changes that happened with the MitID login flow when the barcodes were introduced. It used to be that you could login by entering your name and manually switching to the MitID app to authenticate; now you are forced to push the button to open the app from the login form. This change might have been the one that stopped working in Vanadium for whatever reason. I'm inclined to say that either way, this is a Vanadium bug.

                              • [deleted]

                              • Post #198

                              lbschenkel This may be because of some Vanadium patch for privacy

                                I can only confirm that last week everything was working with Vanadium.

                                a month later

                                @lbschenkel Every issue reported with this app has been a bug in the app. The same thing applies to the compatibility issues with Vanadium. They're doing completely broken security theater as they've always been doing. The solution is reporting the problems to them persistently and getting them to fix it as they've done for past issues. They expect the browser to leak information about the OS including the device model or they'll ban it as fraud. It doesn't make any sense and is broken. Security checks should always be server side, not client side, and these kinds of checks are not security. The developers of these apps take security theater nonsense to whole new levels. They may be violating competition laws in the EU by unnecessarily breaking the app with alternate operating systems and browsers. Please raise these issues with them.

                                @[deleted] Vanadium stopped telling websites the device model, etc. via high entropy client hint headers. This doesn't break anything that's not inherently broken. Only Chromium-based browsers have the client hints. The app is buggy and is hard-wiring checks to see if the browser resembles one they allow.

                                Vanadium isn't going to provide a toggle to enabling giving sites the device model, etc. via headers that are not even implemented by non-Chromium-based browsers. This app is extremely buggy and poorly written. They need to cut out the security theater of hard-wiring checks for the browser providing metadata matching a browser/OS they allow. It's nonsense and doesn't improve security in any way. They almost certainly do this as part of broken bot / fraud detection. They simply need to fix it to permit Vanadium. Ask them to fix their buggy software again. They seem to be willing to do that since they fixed all the other issues in the past eventually.