GrapheneOS Excellent, thank you very much, this will (hopefully) save the day when my new Pixel 8a and Pixel Tablet arrive.
Have these settings been tested against the Revolut apps? Because as said, it's not that just GrapheneOS has been banned this way. I have no oversight over the build.prop settings of the other ROMs that I have tried, but I assume most (if not all) of them likely had some "lineage" in it.
Excellent work! In that case, Revolut should probably be removed from the list at the bottom here: https://grapheneos.org/articles/attestation-compatibility-guide
I also lost access to Revolut last week - I tried to access the disposable card and that action forced some kind of relog, and I couldn't log in anymore. I've had my issues with Revolut before, so this time I decided to stop using that account, I "only" had to get my money out of Revolut and close the account.
For anyone else who'd like to follow this path: you can request transfers from your Revolut accounts to your accounts outside of Revolut, but they have to have matching currency and you need to provide Revolut with account statement proving that target account actually belongs to you. In my case, no fees were applied for those statements. And I managed to recover all* my money. You can contact support through browser web app, which you can access using email confirmation.
For anyone interested, I'm attaching my one-week-long ride with Revolut support
If you just want to see details of transfering money out of Revolut: it's around the middle. First 1/3 is just generic "your app doesn't work, let's try to fix that".
* And last 1/3 is all about trying to get rid of my 1 CZK (0.04 EUR) that was blocking my request to close account....
NoMoreRevolut Unfortunately leaving Revolut is not an option (for me and surely many others), because there is nothing else like there services (at least available to me were I live). I'm actually using all their major services, so not only the regular banking functionality in the personal Revolut app, but also Investing, Revolut for Business and Revolut X (their crypto currency exchange).
That's why I'm so eager to make this work without having to go back to a stock ROM or the other custom ROM (which I'm obviously not allowed to mention here anymore).
NoMoreRevolut For anyone interested, I'm attaching my one-week-long ride with Revolut support
What a read! I think the word "Kafkaesque" is more than appropriate here. But good that you managed to close your account through the web app.
NoMoreRevolut Also word of advise: web app session only lasts 5 minutes, the you get logged out "due to inactivity", doesn't really matter whether you were actually active or not, so if you want to write a longer message to support, save yourself some of my frustration and copy the message you're typing often, or better yet, write it outside of web app and just copy it to support chat. Trust me....
MasterOne It has been tested and works fine with these changes. The main issue was that we didn't realize they had specifically banned GrapheneOS via ro.build.user and ro.build.host so previous things we tried didn't work. The app's code dealing with this is a third party party SDK that's heavily obfuscated and we aren't sure if they're checking it locally or with a remote service.
Please note GrapheneOS is not a "ROM" and we don't use that terminology.
GrapheneOS The main issue was that we didn't realize they had specifically banned GrapheneOS via ro.build.user and ro.build.host so previous things we tried didn't work
Thanks for officially clarifying. It's kind of terrifying that Revolut specifically picks on GrapheneOS and publicly defend it in the name of "security".
Is there a good (technological) reason a fintech like Revolut doesn't want their apps installed on GrapheneOS? I can only come up with 2 ideas:
Just to clarify, did they specifically blacklist GrapheneOS (and presumably others like LineageOS) that way or did they just whitelist whatever string normal Android uses with everything else not allowed? If the former it would be very concerning that they go such lengths to block GOS.
N1b Revolut is the only company we've seen specifically banning GrapheneOS so far, but some other apps might start working based on the changes we made to work around this.
Viewpoint0232 They specifically check for ro.build.user / ro.build.host being set to grapheneos which was the arbitrary value we chose for reproducible builds. We've changed them to build-user and build-host. Setting them to arbitrary strings other than grapheneos works fine. It is not because there's any special case for build-user and build-host which are not what the stock Pixel OS or other operating systems use, which varies a lot and has changed over time so it clearly wouldn't be safe to hard-wire checks for them. They aren't doing that but rather specifically banning GrapheneOS. Revolut likely had nothing to do with this themselves. They use several third party SDKs and are likely querying those to check if the device runs an alternate OS, so the detection is based on these poorly made checks by third parties. They aren't using hardware attestation and if they use the Play Integrity API, it isn't enforced by the their service beyond basic integrity yet.
Thanks grapheneos team for this and others who persevered in solving the problem
SilverCat38 It's not really solved since they'll likely start enforcing the Play Integrity API device integrity level soon from their service and that will end having any realistic way to work around it long term.
akc3n Wouldn't it have been better not to publicize this notice outside of here to avoid the "problem" being quickly corrected by the Revolut developers?
GrapheneOS are there any hints what those 3rd party "security SDKs" are called? Perhaps it is possible to reach out to the company that created it and try to find out why are they blacklisting graphene?
GrapheneOS Did anyone tried IO (italian governament ID app) might start ro work again?
grapheneos-enthusiast I have it installed on my Pixel 6 and it works. I'm just unable to upload my ID because "the device doesn't meet the security requirements".
IO version 2.80.0.9
GrapheneOS 15 build 2025011500
If anybody's in the Netherlands, this is what I got when complaining to the consumer agency here in the Netherlands about Revolut pulling the same shit:
Translated
Thank you for your message. In it, you write that with an Android phone, you can only use Revolut through Google. You want to know if this is allowed. Your question unfortunately falls outside our area of expertise. As a result, we do not have the right knowledge to help you further. We expect you to contact the Dutch Central Bank or the Netherlands Authority for the Financial Markets.
About De Nederlandsche Bank (DNB)
DNB is the central bank of the Netherlands. It oversees a safe and reliable payment system. And is the only bank responsible for issuing banknotes. Go to DNB's website for more information and contact.About the Netherlands Authority for the Financial Markets (AFM)
The AFM supervises the behaviour of financial institutions on behalf of the government. And on the products they offer. The AFM makes sure they give you clear and honest information about their products and services. If companies do not comply with the law, the AFM can fine companies. Go to the AFM's website for more information and contact.Translated with DeepL.com (free version)
Original
Dank voor uw bericht. Hierin schrijft u dat u met een Android telefoon alleen gebruik kan maken van Revolut via Google. U wilt weten of dit mag. Uw vraag valt helaas buiten ons werkgebied. Wij hebben daardoor niet de juiste kennis in huis om u verder te helpen. Wij verwachten dat u bij de Nederlandsche Bank of de Autoriteit Financiële Markten terechtkunt.
Over De Nederlandsche Bank (DNB)
DNB is de centrale bank van Nederland. Zij ziet toe op een veilig en betrouwbaar betalingsverkeer. En is als enige bank verantwoordelijk voor het uitgeven van bankbiljetten. Ga naar de website van DNB voor meer informatie en contact.Over de Autoriteit Financiële Markten (AFM)
De AFM houdt voor de overheid toezicht op het gedrag van financiële instellingen. En op de producten die zij aanbieden. De AFM let er op dat zij u duidelijke en eerlijke informatie geven over hun producten en diensten. Als bedrijven zich niet houden aan de wet, dan kan de AFM bedrijven een boete geven. Ga naar de website van de AFM voor meer informatie en contact.
I will be writing to those agencies linked there and if you're in the Netherlands, please do too. If you're in the EU, you can contact your European Consumer Center and they can help you find the right person/organisation to contact.
Let's not get steam-rolled by this.
