I can confirm that Commbank app can be set up as tap and pay here in Australia on Graphene os Pixel 7 pro. used this morning. Ta
Gpay alternatives for grapheneos?
Unfortunately we can't use Samsung pay on pixel....
Wonderfall Paylib still function for contacless payments? I thought they disable this function to be only a friend to frien payment app?
15 days later
Just sharing my findings here.
I tried today using Curve Pay (downloaded from Huawei store manually) Here is a guide on how to download apk from huawei store without using their gallery app store.
https://aiomobilestuff.com/how-to-download-an-apk-from-appgallery-on-your-computer/
OR direct download APK url for Curve Pay https://appgallery.cloud.huawei.com/appdl/C102372409
It starts up all fine, can log in, set up, retrieve account details, see transaction history and so on.
It popups asking for HMS Core (I guess it's similar to Google services, since it's called Huawei mobile services) and this can be easily tapped away.
There is a button that pops up asking to activate Curve Pay, upon pressing this button it just spins and spins, and nothing happens.
I will try later today in another profile to install HMS Core and Curve to see if it's possible that way, and also after that to try to uninstall HMS Core.
[deleted]
JayJay I'm pretty sure you need to install HMS Core Services and cannot be uninstalled and continue to use Curve Pay.
Sincerly, I'm not much confident from Google but much less on Huawei.
I think the best solution is to find a bank that implements in their app the pay services, like BBVA, Openbank and maybe others...
My second findings and backup option if above will not work, will be to purchase https://www.spigen.com/products/pixel-7-case-slim-armor-cs
and put my card in the slot instead. I read reviews that it will be tappable this way anyway.
They have the same but in Pixel 7 Pro version too for anyone who is looking for it.
[deleted]
JayJay wow! really? I'm assuming it's a prepaid card, but still, it doesn't seem the safest thing in the world...
9 days later
So i made all possible tests in a new profile with the Huawei version and just couldn't get it to work properly.
New profile, downloaded app gallery, hms core, Huawei wallet, curve installed.
I have the button activate curve pay which I've always had. Even with with google version. Upon pressing it, it just spins and nothing happens. Same as google version does.
I am unsure which sources has been reporting a working curvepay on graphene but it sure doesn't work when I tried it.
Anyone who has a success story to share?
JayJay Unfortunately, in another topic somewhere here I have exactly the same story as you.
I'm trying to get anything from Curve Support and the fact that I'm a paying customer doesn't seem to change anything, as their first reply to any kind of question takes 4+ weeks (yes, really) and after those 4 weeks they ask me what model I have, which is something I wrote in the first sentence and it's been like that for months already so I have a feeling they're having some big issues in general.
As a conclusion - if Curve is currently and potentially the only possible alternative to Google Pay in GOS, then we got nothing.
Before someone says "But there is a bank X in country Y that supports NFC!" - specific banks in specific countries that support NFC directly are not GPAY alternatives and this is not what we're looking for in this and all other GPAY related topics.
I just read your other topic and yes, I had the exact same experience as you then. So far there are no solutions here which is too bad. Curve always answer after 3-4 weeks which seems to be their standard, not so good customer experience but since the service works fine otherwise, we don't need to get in touch with their customer service department.
I am not sure who has started the rumour that the CurvePay works with Graphene for using NFC tap, I can hereby say it is not working at all. Regardless which version we try.
During my research I found that LineageOS has a way to pass SafetyNet, with a module called ih8sn which does not require root even. However it does not work with Graphene according to users who tried in forums.
https://forum.xda-developers.com/t/guide-ih8sn-pass-safetynet-without-magisk-root.4450323/
https://twitter.com/osm0sis/status/1477333035230154755
So the issue seems to be within GrapheneOS here as there are ways of circumventing it obviously.
2 months later
Are you able to share exactly what you did to get the CommBank app working? When I try and use the app and add a contactless card, I get the following error message "An error has occurred. Please try again later". No matter what I try the error persists and I can't add any cards. The rest of the app works without any problems.
Things I've tried:
- Checked NFC is on
- Checked that CommBank is selected as payment provider under NFC Contactless Provider
- Checked permissions are allowed in CommBank app
- Checked permissions are allowed in Play Services and Framework
I am running the latest version of Graphene OS on a Pixel 6. I have the CommBank app installed in a separate profile with Google Player services activated in that profile.
18 days later
A couple of people from Slovenia (Europe) tested several banking applications and it seems that the majority is working (including NFC payments). Also, a friend of mine contacted one bank, explained them he is using GrapheneOS and what i t is, and they said they will look into it and adapted their app to be working on Graphene!
I would personally seriously consider changing bank if their ap would not work on my phone. In my case there were some tricks to enable it (opening the URL's in the app was not enabled by default), but support centre from my bank helped me and we solved everything.
But hey, I am living in developed country! :D
Matthai Also, a friend of mine contacted one bank, explained them he is using GrapheneOS and what i t is, and they said they will look into it and adapted their app to be working on Graphene!
That's great! Which bank? Maybe their developers could be interviewed by some online Android magazine about how much effort it took?
First of all this will never work at least in America, till support is added for hardware attestation as mentioned in the FAQ on install page...along with Android Auto because critical core services are no longer installed as system, EVERYTHING is installed as a user app.
Second, there are workarounds especially for those in America, but it's not what you hoped.
- Place your NFC Tap-To-Pay enabled card between case and phone, however this won't work if you're debit/credit card is not NFC enabled.
- Pickup a smart watch that has it, since it pairs to the phone not run on the phone it will work. For example I have a Garmin Watch (Wifi NOT LTE but they work too) and I can add cards to it through Revolut and/or Stash. My bank hasn't jumped into the Garmin bandwagon yet (USAA) but I can just deposit money into Revolut and use one of their virtual cards. It's really pretty easy and the watch was a great investment to get more active while being a lazy PoS not wanting to pull out my debit card.
- Throw money at the Open source alternatives mentioned above so they finish developing the app and services.
I tried the Huawei thing, Curve. They approved me for credit but app wouldn't work for NFC. I tried all sorts of apps. Only thing to work was a smart watch and I liked how Garmin had traditional modern designs.
Matthai Also, a friend of mine contacted one bank, explained them he is using GrapheneOS and what i t is, and they said they will look into it and adapted their app to be working on Graphene!
I'm not sure if that means that the developers followed https://grapheneos.org/articles/attestation-compatibility-guide to support GrapheneOS, but if so, that's great.
Can you let me know what app that was? A link to the Play Store would also be great.
8 days later
JayJay after being hyped about this and starting to research if i could use ih8sn on my google pixel device, it turned out that SafetyNet has been superseeded by Play Integrity API at least according to this post on xda-developers, which really sucks if you ask me. :/
5 months later
Any update on this?
a month later
- Edited
My guess is the app is flaged as untrusted while it tries to Mount in /tempts and gets selinux denials:
first on app launch:
10-28 21:21:52.339 W/mount (24194): type=1400 audit(0.0:253331): **avc: denied { search }** for name="vendor" dev="tmpfs" ino=45 scontext=u:r:untrusted_app:s0:c29,c258,c512,c768 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=0 app=com.imaginecurve.curve.prd
10-28 21:21:52.339 W/mount (24194): type=1400 audit(0.0:253335): avc: denied { getattr } for path="/metadata" dev="sda24" ino=2 scontext=u:r:untrusted_app:s0:c29,c258,c512,c768 tcontext=u:object_r:metadata_file:s0 tclass=dir permissive=0 app=com.imaginecurve.curve.prdAnd then when hitting "enable curve pay" with the same error.
Reading from https://www.linuxtopia.org/online_books/getting_started_with_SELinux/SELinux_log_file_messages.html
The "avc: denied" means that the operation was refused.
The "{ getattr }" means that someone tried to stat() the file. In this case, the file's attributes were looked up first (or at least, the operation tried to look them up), couldn't get those attributes and gave up.
The contents of the braces {} contain the operation or operations that were relevant to what SE Linux was doing. SE Linux can audit both allow and deny events, and in this case was auditing a deny and as such, tells you want was denied.
"for pid=" is the process id of your operation.
"exe=/usr/bin/vim" is the command you executed (in this case, vim).
"path=/etc/shadow" is the path to the object you tried to perform an operation on.
"dev=03:03" is the device number of the block device used for the file system concerned. So the first "03" means hda and the second "03" is 3, so this "dev=03:03" refers to /dev/hda3 (or if you're running devfs /dev/ide/host0/bus0/target0/lun0/part3). When SE Linux is auditing permissions it doesn't know the full path of the object you're trying to perform an operation on so it can't log anything but the device that you mounted and the location within the device. All it knows is the path relative to the file system, and the block device number for the file system. Say you access /etc/shadow. SE Linux doesn't know this file is in the root file system. All it knows is that the file is /etc/shadow within the file system it is working on.
"ino=123456" is the inode number of the object (in this case /etc/shadow)
"sc is the source context of the process performing the operation.
"tc is the security context of the target object (/etc/shadow).
"t means that the target object is a file.
In plain words app want to read system folders and gets rejected
ls /metadata
apex lost+found sepolicy vold
bootstat ota staged-install watchdog
gsi password_slots userspacereboot
I'm rooted , not on a pixel device , not on grapheneOS but I can test things up If any android Dev reads here and can make any sense from this and how to troubleshoot it
ippo Hey!! I do have a question, so, we've been trying to sideload the apk file of Curve (from Huawei App Gallery because it is the one which curve pay works on Huawei devices - NFC contactless payments) on Huawei Watch 3/4 which have NFC and same Huawei core, but all the people who tried they just stuck on curve pay loading screen and never actually enables the pay function on the watch. We really don't know what the cause for that is. maybe u can shed some light into it. look here: https://xdaforums.com/t/watch-3-3-pro-huawei-pay-curve.4482473/page-3#post-88970807