
Do you need to access your mobile for bank accounts? Does that work?


Someone's keeping a list of banking apps known to currently work with GrapheneOS: https://privsec.dev/posts/android/banking-applications-compa...

Check if yours is on the list.


I hate that many banking apps refuse to run on non-Google OSes. I can see that my banking app doesn't even work on GrapheneOS based on the link given in a sibling comment. It makes absolutely no sense from a security perspective since I am still able to log in using the browser, and the web app has the exact same UI and authorization flows as the actual app.

It all seems like a security theater with the consequence that, ooops, we just vendor locked in all our customers to run a less secure OS by a company whose business it is to collect personal data and show ads that people don't want to see.


Banking apps are spyware, that's why they avoid open source OSes, not because they want to vendor-lock you. Smartphone data collected by a banking app is basically the most valuable in the world for advertisers, as they get the telemetry instantly crossed with a full(ish) picture of your spending habits and all the KYC identifiers too.


No, the reason is legal. Everything, and I mean everything else is secondary. They can tell in court that they did everything they could. Of course:

- it’s a lie

- not even a white lie, they know perfectly well that they can do way more

- most of the security “features” are completely useless

- they also know this

However, it’s very difficult to prove these, and laymen don’t and won’t understand the details.


And if any law ever goes after them it'll be years before any court charges them with anything.

By that time the amount of money that will have been made can justify and exceed whatever fine they might expect to get in court.


Is there a link that explains this for bank apps specifically?


I'm always afraid of my phone getting stolen or losing it somewhere so I have a completely separate iPhone, which runs my banking apps. I keep that phone at home.


Depending on where you live, a burglary might be more common than a robbery. Why don't you just use the bank's website on your desktop computer (assuming you have a desktop computer)?


Because in the banking sector's infinite wisdom, logging into the website requires a confirmation with the mobile app.


I'm in a similar position and I hate it. They somehow managed to convince themselves that if you issue tokens for 2FA within the mobile app it is still "two" factor authentication. Of course since you already have the mobile app now, you can just use it directly (and there is no way to disable that). So while the web app is 2FA, there is now a mobile app which is not. Good thinking.


Are there banks without such requirement these days?


Schwab works with TOTP as 2FA.


Last time I looked they required some Symantec BS to intermediate. Has that ended?


I don't know if it has ended but you could reverse engineer the Symantec BS and convert it to regular TOTP. You likely need root to extract the internal store from the Symantec app.


All banks I know that do this have an alternative 2FA you can use instead tho.


Ask for an alternative authentication mechanism because you "do not own a smartphone".


I've changed banks for less.


I'm concerned about losing phones too, so I don't bank on any phone.


It depends what banking apps you use. Some are available. From my observation major banks in Poland work just fine. You can pay via NFC using the mBank app if you need to. Revolut also works fine. gPay just doesn't work, however; therefore you cannot pay with this via NFC. I use my Garmin watch to pay for all things in physical stores anyway, so no need for NFC payments anyway.


Can you please clarify the Revolut part? Just to understand, you are saying that you are able to perform NFC payments via the Revolut app which you installed on your Graphene OS through the official Play Store? And you are based in Poland?


In Sweden all the banking apps I've tried work, including BankID.


Can you use mobilepay? (Or is that not a thing in Sweden?)


I've never heard of it.

In Sweden we typically use Swish, which again works great.

"Tap to pay" things are problematic, though, but it's not something I personally use (even before I migrated away from stock Android).


Have a second profile with fewer restrictions for those apps you think you need but don't want to compromise security for. My second profile has one app, which is my banking app with all the dependencies it rudely requires for functionality.


I have a rooted Graphene on a Pixel 9, and the only bank which isn't working is Revolut.


You shouldn't root Graphene, it breaks its security model and is certainly the reason why Revolut doesn't work on your phone. It works like a charm on mine.


As a single datapoint, Revolut does not work unfortunately, so I moved back to the default Pixel OS.


I can’t recall the switch, I believe it’s mem exploit protection. When disabled it typically fixes banking apps. You tried that?


GrapheneOS published a workaround for that in an update in January. https://grapheneos.org/releases#2025012600

https://grapheneos.social/@GrapheneOS/114772578787013282


Revolut works perfectly for me.

What kind of issues did you have? I think it does require Google Play services (which can be installed easily).

I have used GOS on a Pixel 6 for the past two years with no issues. The phone finally died on me last weekend, so I'm in the market for a new Pixel which will be getting GOS right away.


Can you please clarify the Revolut part? Just to understand, you are saying that you are able to perform NFC payments via the Revolut app which you installed on your Graphene OS through the official Play Store?


No, the Revolut app doesn't have NFC payments, even on the stock Google OS.

NFC payments are through Google Pay / Wallet, which is unsupported.


Revolut does work for me. They added support for GrapheneOS a long time ago.


Can you please clarify the Revolut part? Just to understand, you are saying that you are able to perform NFC payments via the Revolut app which you installed on your Graphene OS through the official Play Store? Where are you based? (asking because I start having the doubt that it might be geo-dependent)


Thanks, then I might have another go at Graphene! That was the only reason I went back to vanilla "Pixel OS".


Did you have to turn off mem exploitation? And have Google Play services? Revolut did not work for me recently.



