Someone with Pixel 8 please report if version 3.2.2 works with 20131023. Given that this particular version was released to address issues with Pixel 8, I am assuming that it should work.

    lbschenkel

    Pixel 8 UD1A.230803.041.2023102300

    Mitid 3.2.2

    Works totally fine. I do not have a Danish ID so I didn't proceed too far into the app but I can confirm that the app opens and seems to behave quite nicely.

      lbschenkel I can also confirm 3.2.2 fully works on the Pixel 8 with build UD1A.230803.041.2023102300

        9 days later

        is it just me that cannot get it to sign in?
        pixel 7 pro
        when scanning the passport it just fails after a minute or two.

        tried from aurora aswell as google play store.
        gps has network access.

        everything is updated to latest as of now, which according to the gist should work?

        Version 23.35.14 (190400-561707045)

          LGXerxes I just to point out that if you can reach the point of scanning the passport without the app complaining that you are rooted, the app is "working" in the sense that it would have behaved the same way as stock Android and it is not refusing to work due to detecting something different with GrapheneOS.

          That said, which country's passport are you trying to read? Is it failing to read it at all or does it give an error after reading? Can you try to read your passport using ReadID Me to see if that works?

          Although MitID claims to support any biometric passport, I have multiple citizenships and the app just works for one passport but does not work for another: it reads the passport but then it shows an error and does not proceed. I know it is the app rejecting the passport and not the passport failing to read because the passport can be read successfully via ReadID.

              lbschenkel thanks for your input!

              it seems theat it is just not working for pixel7pro?

              as on my xiaomi mi9t pro on the same mitid version scanning of the passport works.

              it is a Danish passport.

              and reading with ReadID me, works fine :(

                  lbschenkel
                  it scans, the dots fill up. but it is thinking.
                  then at some point it complains about to many tries and i have to start over again.

                  my thought was that it tries to validate some data somewhere but it is not able to reach it. but i think I've removed all hardening on mitid and give alot of accesses to GPS and play store.

                    11 days later

                    Just a FYI: new MitID version 3.2.3 works in GrapheneOS versions 20231031 and 20231115.

                    I had the same issue with MitID on GrapheneOS. It said my device is rooted, but it's not. I updated GrapheneOS recently, so maybe that's the prob. Can someone with an older GrapheneOS version check if MitID works for them It seems like there might be a hiccup with the MitID app on GrapheneOS. The message about the device being rooted popped up, but the phone isn't rooted. Could be an update thing. Maybe someone with an older GrapheneOS version can check if the app works without showing that message? If it's just happening after the recent update, might be a bug. Could really mess things up for folks in Denmark if it's not sorted out.

                      I am no longer able to login to the site with MitID. I can enter the code of MitID but nothing happen afterwards.

                        Grkrz mitID works but it is not possible to login to any sites on Vanadium.
                        Something is not allowing to continue to enter the site after conformation from MitID.
                        I have tried with Firefoks and works.

                          I can confirm that MitID login flow is currently broken in Vanadium: the MitID app itself works but when control is back to Vanadium, it does not redirect to the post-login page.

                          I could reproduce this when trying to login in mitid.dk and when trying to login in my bank app. Switching default browser to either Firefox or Chrome fixed the issue.

                          I tried to relax every possible setting in Vanadium but I could still not make it work.

                          Note that I am 100% certain that Vanadium used to work months ago. In fact, to login to my bank app I was forced to change default browser from Firefox to Vanadium because with Firefox it always got stuck in the post-login phase, in a similar way that it is happening now. Now the situation has reversed.

                          I am not quite sure if this is due to something changing in Vanadium, or due to the changes that happened with the MitID login flow when the barcodes were introduced. It used to be that you could login by entering your name and manually switching to the MitID app to authenticate; now you are forced to push the button to open the app from the login form. This change might have been the one that stopped working in Vanadium for whatever reason. I'm inclined to say that either way, this is a Vanadium bug.

                            • [deleted]

                            • Post #198

                            lbschenkel This may be because of some Vanadium patch for privacy

                              I can only confirm that last week everything was working with Vanadium.

                              a month later

                              @lbschenkel Every issue reported with this app has been a bug in the app. The same thing applies to the compatibility issues with Vanadium. They're doing completely broken security theater as they've always been doing. The solution is reporting the problems to them persistently and getting them to fix it as they've done for past issues. They expect the browser to leak information about the OS including the device model or they'll ban it as fraud. It doesn't make any sense and is broken. Security checks should always be server side, not client side, and these kinds of checks are not security. The developers of these apps take security theater nonsense to whole new levels. They may be violating competition laws in the EU by unnecessarily breaking the app with alternate operating systems and browsers. Please raise these issues with them.

                              @[deleted] Vanadium stopped telling websites the device model, etc. via high entropy client hint headers. This doesn't break anything that's not inherently broken. Only Chromium-based browsers have the client hints. The app is buggy and is hard-wiring checks to see if the browser resembles one they allow.

                              Vanadium isn't going to provide a toggle to enabling giving sites the device model, etc. via headers that are not even implemented by non-Chromium-based browsers. This app is extremely buggy and poorly written. They need to cut out the security theater of hard-wiring checks for the browser providing metadata matching a browser/OS they allow. It's nonsense and doesn't improve security in any way. They almost certainly do this as part of broken bot / fraud detection. They simply need to fix it to permit Vanadium. Ask them to fix their buggy software again. They seem to be willing to do that since they fixed all the other issues in the past eventually.

                              @lbschenkel This app is consistently broken on different browsers, operating systems, etc. due to their security theater and buggy code. There has never been a case where it was broken due to a bug in GrapheneOS. It's incredibly strange to start blaming something you say happened in Firefox with it before on Vanadium now. It's their app which is consistently the problem. Removing the high entropy client hints was a publicly announced change in Vanadium which doesn't break compatibility with anything that's not already broken and non-portable. They need to fix their site, and you need to report their bugs to them rather than to us. Blaming Vanadium for this is wrong, just as blaming GrapheneOS for the earlier issues was wrong. Every issue has proven to be a bug they ended up fixing later. There has yet to be a single issue reported here which was anything else but a bug on their end. Report them problem to them and emphasize that supporting only specific browsers is anti-competitive. Whitelisting browsers based on their advertised OS/version/hardware metadata is wrong.

                              An actual bot would simply send the headers that Chrome does without doing anything special by simply doing automation via scripted Chrome, invalidating their broken checks.

                                The app developers explicitly say that they only support Chrome and Safari. They deliberately break it in other browsers. They likely added hard-wired checks for Firefox's headers at some point so that temporarily works, until it changes slightly and stops working again for months. Entirely useless security theater and is going to keep breaking with each new OS release, browser changes, etc. It doesn't mean anything is broken about those OS releases, browser changes, etc. This app is broken, and will keep breaking over and over even on the stock OS until they stop doing this broken bot detection nonsense.