Can you set up google wallet on graphenos? / How to set up google wallet on grapheneos?

I tried adding a credit card to the google wallet app / Google Pay. Its response after giving all cc details is following:

This phone can't be set up to tap to pay

Your phone doesn't meet security standards to make contactless payments. It may be rooted or running uncertified software. For more info visit Google Pay Help or contact your device manufacturer.

  • all three google services and the wallet app are installed in a "shelter" profile
  • It has access to Network but nothing else.
  • pixel 6

Is this a limitation of grapheneos, or do I miss a specific setting for it?

    mobos No GPay/Wallet cannot be made to work on GrapheneOS and is a limitation in so far as Google Pay/Wallet requiring full SafetyNet compliance. GrapheneOS can pass BasicIntegrity but the OS cannot pass ctsProfileMatch as that would require GrapheneOS to be whitelisted by Google. Google Pay/Wallet requires both.

    Before the idea of bypassing the checks is brought up, as some other OSes or Root methods might allow, please read the following: https://nitter.net/freechelmi/status/1553326311854276608#m

      2 months later

      For those using GPay/Wallet for non-nfc things like airplane boarding passes, there are two ways I've found it can be accessed:

      Method 1: Navigate to Settings > Apps > Sandboxed Google Play > Google Settings > Settings for Google apps > Google Wallet

      Method 2:

      • Install Google Wallet from play store
      • Grant Google Play Services access to Phone and SMS permissions
      • Launch Google Wallet app
      2 months later

      Hello, everyone. Are there any news on getting GrapheneOS whitelisted by Google for NFC payments? Is there some procedure that GrapheneOS has to go through?

        HiperFall There isn't really a path for GrapheneOS to do that. GrapheneOS doesn't pass the checks Google requires to be considered a certified Android OS because it does things like adding the network and sensors permissions.

        If Google wanted (or any other app which uses Play Integrity API), it could support GrapheneOS by following this guide:

        https://grapheneos.org/articles/attestation-compatibility-guide

        It's up to them whether they'd like to do that.

        I wonder how hard it would be for a dev to create an app for Graphene which copies the NFC code off a debit or credit card and then relay it when authenticated with Fingerprint or something

          a month later

          Nopesef You can't just copy an NFC chip. The chip is a lot more sophisticated than just dumping data stored in memory. It has a CPU that processes transaction data for authentication purposes.

          keatonhj Surely this should be no.1 priority by GrapheneOS team. It's the only thing stopping mass adoption.

          I disagree. I was an iPhone user for 5 years before migrating to GrapheneOS. My bank did not wanted to give apple a share of payments so my debit/credit cards were never able be used in Apple Wallet.
          I think that the no. 1 priority of GrapheneOS should be its bread and butter: security!

          The thing is, there's nothing for GrapheneOS to prioritize here. It can't pass CTS tests beause it adds things like new permissions for greater privacy and security, so it is fundamentally incompatible with getting certified by Google.

          Apps that want to whitelist GrapheneOS while still using SafetyNet / Play Integrity API can do so using GrapheneOS's guide:

          https://grapheneos.org/articles/attestation-compatibility-guide

            [deleted] Could I get some more information on Catima? I ran into this issue where I could not download tickets to a sporting event because they wanted to use Google Wallet even in the browser. No desktop access possibility either which sucks. The companies are trying to cut out the reseller market.

            a month later

            matchboxbananasynergy Is there a place to read why better security and privacy is fundamentally incompatible with certification?
            Also I'm not sure it is the right attitude to assume Google would want to certify GrapheneOS, it is us, users of GrapheneOS, that should ping Google to do the certification, maybe with assistance of GrapheneOS developers (no idea if it is necessary).

            2 months later

            Honestly, this is the one thing preventing me from switching. I forget my wallet at home constantly, I am so used to paying for things with my phone. If they supported SOME sort of payment system - be that google pay, samsung pay, or a third party option, I would probably go out and buy a pixel today to switch. Until then - iPhone will keep being in my pocket.

              PartyingChair Contactless payments work fine on GrapheneOS. It's not like there's something fundamentally incompatible about them. It just so happens that the most prevalent implementation (Gpay) requires a Google certified OS. The options right now are as follows:

              1. People find alternatives (such as their bank) which provide this without using Gpay and don't require a certified OS themselves.
              2. This is implemented, which would at least temporarily allow people to use apps that require a certified OS on GrapheneOS: https://github.com/GrapheneOS/os-issue-tracker/issues/1986
              3. Apps currently requiring a Google certified OS whitelist it as per https://grapheneos.org/articles/attestation-compatibility-guide (though it is of course very unlikely that Google themselves would do this)