Hello everyone,

I have been using GrapheneOS for a few months now on a Pixel 8a and I am very happy with it. I install & update all of my apps through the Aurora Store, however, I did install the Play Store to ensure that an app which I use daily (Flightradar24) works, since it wouldn't work without Play Services. I don't use the Play Store for anything, just to make sure F24 works.

Lately I have been getting notifications that certain apps used the Play Integrity API (for example WhatsApp). Today an app installed through Aurora stopped working and showed a message saying the app needs to be installed through the Play Store if I want to keep using it (the App was DEX Screener, a crypto currency app). I have since deleted the app and now I am thinking of going completely Googlefree and deinstalling the Play Store again. Which brings me to my questions:

  • Can I somehow check which of my apps absolutely require the Play Store / Services to run (other than just deinstalling the Play Store and going through every single app and see if it still works)?

  • When I do get a notification about an app using the Play Integrity API, should I block this app from using it again? The option is given by GrapheneOS when the notification pops up. However, I am not a developer and don't have a proper understanding of what exactly that entails; what the consequences of that are with regards to device security.

I appreciate help and advice. Thank you in advance!

    clattygobshite When I do get a notification about an app using the Play Integrity API, should I block this app from using it again?

    There is no benefit to blocking it, unless the app is otherwise not working. In some cases, blocking it might allow the app to work. In other cases, blocking it might break an app that would otherwise work fine.

        Probably9857 thank you for the answer. Since I didn't really need the crypto app I chose to deinstall it. But I am wondering if whatsapp for example will soon stop working as well, since I get the API notification for whatsapp every other day now. For Reddit, too. I'd love to replace whatsapp with signal but it's the age-old problem: everyone uses whatsapp and noone wants to switch.

            clattygobshite

            If an app is using the Play Integrity API, and continues to work fine, I don't think that is any reason to expect it to stop working in the future.

            If they wanted to do that, they could be doing it now.

              Probably9857 Yes, I know. But I wanted to look into the whole thing first and get an understanding of what it all means before I choose to ignore the notifications.

                10 days later

                IMHO, if you get notifications of apps using Play Integrity API, while still currently working, you should take this as a warning that future versions of those apps might block you for using a non-standard OS.

                I got very close to finding myself unable to access several thousand dollars worth of savings when my fancy yuh fintech app was updated and decided that my phone was not compliant. Obviously, the help desk was completely useless, offering absolutely no solution to recover my money. In the end, I was lucky enough to get my money back by uninstalling the app and installing the previous version's apk.

                There are more and more fintech offerings like yuh or Revolut that rely exclusively on a phone app to manage your funds, with no website available. This is very dangerous and could turn a lot of people away from de-googling their devices.

                a month later