Hello all,
I'm new to GrapheneOS, but have been running alternative Android distributions on-and-off for some years.
After witnessing an online-banking phone-based mass-security breach in my closest family a year ago (all accounts stolen! Ended ok, but needed lawyers. Bank was very unhelpful...), I started thinking much more actively about security.
So, when the old phone needed replacement, it was Pixel 6a + GrapheneOS. Great so far!
Now, I'm trying to figure out a way to galvanize security around the financial things on the phone.
My take was to have personal banking apps in a specific user profile, with nothing else in it (and please feel welcome to comment on that approach). Here things become interesting:
In my country, we have a national electrical ID system to authenticate against online services (banks or government. Libraries or sports clubs!). You basically don't exist unless you use it. It relies on Sim Toolkit for authentication. It pops up a message, then you authenticate with a pin. I've become a bit paranoid about this ID system - if breached, someone could steal my money, sell my car, house and marry me to someone (all doable online). It's frightening how much you can do by typing a series of numbers.
Now, I tried putting the banking apps into a separate user profile (as opposed to the owner profile). However, when logged into the user profile, the electrical ID authentication fails to pop up, and if I switch to the owner profile to log in, the banking app has closed when I switch back (I don't want user profile to be able to run in background, for security reasons).
The user profile does not have the Sim Toolkit app installed, and I strongly suspect this to be the reason why I am unable to authenticate. I have not found a way to install the Sim Toolkit into the user profile.
(authenticating with everything in the owner profile works fine, btw).
So I have a lot of questions. Top three:
- Is it possible to install Sim Toolkit into a non-owner profile?
- If that is possible, would it make sense? Or would doing that maybe defeat the purpose of profile isolation?
- Lastly, since I don't fully understand the role of Sim Toolkit: might it make sense to use the owner profile for sensitive stuff (since Sim Toolkit is there) and use a user profile (where there is no Sim Toolkit) for all other things?
Greetings,
Indriði