My suspicion is also that Volkswagen changed something in the device integrity check or in the login flow. Since the app appears to use the Play Integrity API, it may now depend on a specific integrity verdict. If this is enforced server side, downgrading the app or using Compatibility Mode would probably not help.
Important point: The device is not rooted, the bootloader is locked and GrapheneOS is running with Verified Boot. This is not an insecure or modified rooted setup.
In my opinion, the most useful next step is to contact Volkswagen support in a coordinated and technically precise way and point them to the GrapheneOS Attestation Compatibility Guide. Volkswagen could use Android hardware attestation instead of relying only on Play Integrity and allow the official GrapheneOS verified boot keys.
Here my Mail to support. Please feel free to copy.
Dear Volkswagen Support Team,
I am contacting you because the Volkswagen app no longer works correctly on my smartphone after the most recent app update. Specifically, I am no longer able to complete the login process in the app. Before the update, the app worked in the same environment without this issue.
My technical environment is as follows:
Smartphone: Google Pixel
Operating system: GrapheneOS
Volkswagen app: latest version from the Google Play Store
Google Play services: installed and up to date
Google Play Store: installed and up to date
App installation source: directly from the Google Play Store
Root access: no
Bootloader: locked
I have already tried the following troubleshooting steps:
Restarted the Volkswagen app
Cleared the app cache and app data
Uninstalled and reinstalled the Volkswagen app directly from the Google Play Store
Updated Google Play services and the Google Play Store
Tested the app in a clean user profile
Checked network, VPN and DNS settings
Verified that login via browser works
Since the app was installed directly from the Google Play Store, Google Play services are present and up to date, and the device is neither rooted nor insecurely configured, I suspect that the issue may be related to a change in the login process or in the device integrity check of the app.
One possible technical cause could be the use of the Google Play Integrity API or a similar device attestation mechanism. GrapheneOS supports Sandboxed Google Play, but it is not a classic Google certified Android operating system. If the Volkswagen app has introduced stricter Play Integrity requirements since the latest update, this could explain why login no longer works on GrapheneOS.
I would therefore kindly ask you to forward this case to the responsible technical app development team and have them check whether any changes have recently been made to the device integrity check, the login process, or the Play Integrity requirements of the Volkswagen app.
Could you please specifically check the following points:
Whether this issue with GrapheneOS is already known
Whether the Volkswagen app has introduced stricter device integrity requirements since the latest update
Whether any server side changes have been made to the login process or device verification
Whether secure use of the Volkswagen app on GrapheneOS can continue to be supported
Whether there is any recommended setting or temporary workaround for affected users
GrapheneOS is a security focused Android operating system with a locked bootloader, Verified Boot and hardware backed attestation. It is not a rooted or manipulated system.
If you require any further information, I would be happy to provide screenshots, exact version numbers or additional technical details.
Thank you very much in advance for your support. I look forward to your reply.
Kind regards,