Strappazzon

Revolut works again with the latest release that's currently available in the Alpha channel and will reach the Beta channel soon if no major issues are reported:

https://discuss.grapheneos.org/d/19436-grapheneos-version-2025012600-released

The changes made to work around Revolut banning GrapheneOS should also help with various other banking apps using the same awful SDKs. We also added a system intercepting Play Integrity API usage and showing a notification when it's used which links to a new per-app Play Integrity API configuration menu which includes the ability to block it on a per-app basis along with encouraging users to give feedback to developers via a shortcut to the Play Store page for leaving a review.

cdflasdkesalkjfkdfkjsdajfd Revolut doesn't have an understanding of what they're doing. It's the closed source third party libraries they use which are banning GrapheneOS. It's possible Revolut will start using the Play Integrity API device or strong integrity level which will end compatibility with GrapheneOS unless they implement https://grapheneos.org/articles/attestation-compatibility-guide. Don't stop leaving 1 star reviews and making support requests just because we ship a workaround. Keep doing it because their intention is still to ban GrapheneOS until this is removed.

Our next release successfully works around their ban on using GrapheneOS.

We've changed ro.build.host and ro.build.user (the build hostname and username) from grapheneos to other values. Nearly any other values work for those fields. Likely the only ones that are banned are ones consistently used by other aftermarket operating systems at least if they set them to a constant value as we do for reproducible builds. We chose to set them to android-user and r-0123456789abcdef-0123 to match the format currently used for the stock Pixel OS builds, which is specific to Google's build syste, and has changed multiple times over the years. Other devices do it differently. We don't expect any more issues from those.

Revolt also bans having ro.boot.verifiedbootstate set to yellow indicating using an aftermarket OS with the device locked and verified boot enabled. For some reason, they do permit ro.boot.verifiedbootstate being orange which means an unlocked device likely running a modified or aftermarket OS without security intact since at the very least verified boot and attestation are disabled, but likely much more security is lost too. They also don't use their checks on a userdebug build. To handle this, we're using standard infrastructure for setting compatibility values for properties for apps, which we've limited to user installed apps. In the future, we can also use this to match the stock OS build number, build hostname and other values if it ever proves necessary. We could do that proactively before we find apps banning GrapheneOS based on it in case some exist, but they probably don't so we probably won't do it without a known app requiring it.

It's incredibly strange that Revolut does this kind of nonsense. It's not clear what they're trying to achieve beyond harming GrapheneOS users. They haven't banned having a highly insecure device with no patches for 10 years and haven't even banned having the device unlocked with any aftermarket OS on it. They specifically banned having the device locked with an aftermarket OS or specifically having GrapheneOS. They also specifically banned several other aftermarket operating systems including LineageOS but those don't preserve the standard security model or set an honest security patch level so at least that could be weakly justified. Even that doesn't hold up to scrutiny when they permit a stock OS with no patches for 10 years and clearly unlocked devices. It's a complete joke.

Look at it as a cost per month for the guaranteed support period. The Pixel 6 has 22 months of guaranteed support, while the 7 has 34 months.

So if for example the Pixel 6 is $100 and the Pixel 7 is $150, that means the Pixel 6 has a monthly cost of $4.55 ($100/22 months), while the Pixel 7 has a monthly cost of $4.41 ($150/34 months). That means the Pixel 7 is the more valuable buy, assuming you have the extra $50 available.

Of course, the Pixel 8/9 series is significantly more secure, has more features, and has a longer support period. So it may be worth considering those too, again assuming you have the extra cash available.