Best way to use banking apps in separate profile

parbleu

I'm trying to figure out or understand what’s the best approach to using banking apps. I have read the notes in the GrapheneOS user guide and the PrivSec listing.

I assume that my banking apps require Google services, but I don't know. Therefore, and to separate them from my everyday apps, I would like to put them in a separate profile. For which I see two options:

Use the the confidential profile to install the banking apps with the sandboxed Play Store.
Use a user profile, install the sandboxed Play Store there and then push the banking apps to another user profile without Play Store.

Do you have a recommendation?

c86

parbleu

Well, a separate user profile is going to be better than just private space.

I believe the most ideal setup would be to install full Google Play Services (burner or real account, user discretion) in that profile. Then downloading your banking apps within that profile.

If the banking apps require Play Services, I don't think they're going to be happy being pushed to a profile that doesn't have that running despite being downloaded in a profile that had it.

Aside, keep in mind you still may need to adjust exploit protection for them.

Further reading
https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/