| ▲ | lrvick 2 days ago |
| I have never heard of a bank that has a hard requirement of a mobile app. Certainly none of the major banks like Wells Fargo or Chase require one. I do not own a phone and managers at times have to come up with undocumented fallback methods, but there is always a way. I cannot imagine a legal defense for forcing someone to accept the terms of service of Apple or Google to use their bank account. |
|
| ▲ | Freak_NL 2 days ago | parent | next [-] |
| > I have never heard of a bank that has a hard requirement of a mobile app. It shouldn't be a thing, but it is. In the Netherlands the newer digital-only banks are allowed to do this. No smartphone, no service. The more established banks (systeembanken) do have alternatives, but realistically not using their app for login auth and transaction approval is a huge pain in the ass. (My bank, ABN AMRO, has an app which thankfully works fine on GrapheneOS.) |
| |
| ▲ | superkuh 2 days ago | parent [-] | | That sounds like it's a hard requirement for checking your bank balance/etc over the internet. Can't you just not do that and phone them up or go in person or read the monthly sent paper balances? Or just keep track yourself... A bank without a physical location is something I'd steer well clear of. I barely use my bank's website and could easily not use it at all and still have all the functionality that a bank provides. | | |
| ▲ | Freak_NL 2 days ago | parent [-] | | Paper balances and visiting your local branch are mostly a thing of the past. Calling them is an exercise in extreme patience. My bank all but discontinued actually visiting them except for certain specific things. In the Netherlands (and beyond) online payments (shops, Steam, etc.) are made via the IDEAL platform run by the Dutch banks collectively. That is a good thing, because payments are secure and easy, and no one needs a credit card. But that does mean using your bank's web service to approve those payments. Using the bank's offline OTP hardware (where you insert your debit card and enter a PIN and the code generated by the bank's website for an OTP) is possible, but using the app is significantly less effort than that. There is very little point in resisting it. It's not a healthy situation, but it is the reality. | | |
| ▲ | lrvick a day ago | parent [-] | | The point in resisting it is to waste their valuable time on whatever the worst appless methods are, so they are forced to improve the efficiency to keep profits high if enough people do it. If you install the app then you are complicit in normalizing the requirement of signing terms of service and data sharing agreements to US technology companies in order to do banking. Be the person that demands better. Be the squeaky wheel. Call politicians and press if needed. Stop this shit now before it becomes expected for school and healthcare too. | | |
| ▲ | Freak_NL a day ago | parent [-] | | There are only so many things you can actively fight. I can choose to actively pursue a number of topics and be the annoying squeaky wheel there, but not everything. This is one topic I cannot invest more time in, and which won't yield any significant returns even if I did. There are a number of topics where my voice can still make a difference, I focus on those. |
|
|
|
|
|
| ▲ | dijit 2 days ago | parent | prev | next [-] |
| In Sweden we use BankID (there is a similar service with the same name in each Scandinavian country). It's impossibly convenient to be perfectly fair with you, however I know that my bank has stopped issuing the "BankID Card" (which was a card and pin device that allowed you to generate challenge numbers)- and now forces you to use the BankID app -- which will not run on rooted phones of course. It's even slightly worse as the App requires NFC; so I can't keep a backup on my iPad (which is what I was doing before). |
| |
| ▲ | finaard 2 days ago | parent | next [-] | | It is quite possible that you still may be able to obtain it by annoying them - in some cases provisions related to supporting disabled peoples can prevent them from fully getting rid of it. On the last change my bank made me call to their hotline (even though everything else is possible to be done online) to keep using a separate hardware device - which ended up being just "so, you don't want to do it on a phone?" - "yep" - "ok, should be with you in a week or so". I nowadays consider my phones pretty much throwaway devices - I don't have full control, I can't fully trust them. Plus they could be stolen, break when I drop it into water outside, ... - so I think it's ridiculously stupid to tie anything important to a phone as main authenticator. Overall the usefuleness of a phone has been declining steadily - the selling point of a smart phone originally was that I have an app, and because it's a reasonably trusted device it'll store credentials, and I can use the app without logging in every time. By now most of the apps are just repackaged websites, and because of that - and because they don't trust their backends - we now have quickly expiring tokens in use in the apps as well. Most of the apps I don't use every day - and over the last few months every single one wanted me to log in again next time I used it. Adding to that the nonsense of "there's a new app available, download that first before using" which typically doesn't add anything of value to me, and we're now at a state that not only does the typical smart phone app not offer a benefit over just using a website - it now often is even worse than just using a website. | |
| ▲ | lawn 2 days ago | parent | prev | next [-] | | BankID works great on GrapheneOS fortunately. | | |
| ▲ | NoGravitas 2 days ago | parent | next [-] | | Interesting. Does this mean that it is using a lower level of Play Integrity API checking (ie not hardware attestation), or are they using the open hardware attestation API (which... exists but is almost never used)? https://grapheneos.org/articles/attestation-compatibility-gu... | | |
| ▲ | lawn a day ago | parent [-] | | I have no idea, but I've never gotten the "this app is using Play Integrity" warning with BankID so maybe it doesn't use Play Integrity? |
| |
| ▲ | dijit 2 days ago | parent | prev [-] | | Really? I never even installed the play store because it didn’t work on LineageOS. I guess I absolutely need the play store to get BankID on the phone- so I’ll try that now with my Pixel 7. | | |
| ▲ | lawn a day ago | parent [-] | | Yes. The only issue I had on GrapheneOS was that I had to play with the location permissions a bit when I wanted to copy the BankID to GrapheneOS from another phone (I've got some pictures of that in this blog post: https://www.jonashietala.se/blog/2025/08/28/ill_only_buy_dev...). All other Swedish bank accounts I've tried have also worked great (including Swish). |
|
| |
| ▲ | lrvick a day ago | parent | prev [-] | | If you install the app then you are complicit in normalizing the requirement of signing terms of service and data sharing agreements to US technology companies in order to do banking. Feel free to say you are a member of the Church of Cryptography and that installing proprietary corporate controlled apps is against your religion. Never been asked to install an app for banking, but a health care clinic dropped me as a patient for not buying a phone that can install their app. I was the first case where a patient refused to conform. Found a new clinic who was willing to earn my business with phone and email correspondence. The original clinic escalated the case to corporate HQ when I filed a public medical malpractice complaint, and they ultimately responded by adding a webapp. DEMAND the right to live your life without corpotech in your pocket. I am now 5 years without a smartphone working as an engineer and founder with an active social life who frequently travels and it can absolutely be done. |
|
|
| ▲ | adrian_b 2 days ago | parent | prev | next [-] |
| In Europe there are, e.g. at least some subsidiaries of Societe Generale, which have closed their Web sites on which their online banking services were previously available, and which refuse to provide their mobile apps otherwise than through the Google Store. I doubt very much that it is possible for this practice to be legal, i.e. to condition the services of an European bank of the existence of a contractual relationship with a third party, which is non-European. Nevertheless, nobody has enough spare time and money to challenge legally such banks. Now I do my operations mostly through other banks that still have browser-based online banking, but I have not closed yet my last account at such a Societe Generale subsidiary, because I have regressed to use an antique SMS-based substitute for online banking, which is good enough for that account, which I keep only for a credit card used mostly for shopping in supermarkets or the like. |
|
| ▲ | 654wak654 2 days ago | parent | prev | next [-] |
| > I have never heard of a bank that has a hard requirement of a mobile app My bank's app recently started warning me that I should "Turn off developer mode" for """security""" on every sign-in. This warning doesn't stop me from using the app yet, but I'm sure it'll get there. |
|
| ▲ | teekert 2 days ago | parent | prev | next [-] |
| Bunq comes to mind, I'm guess N26 and Revolut are similar, app first "fin-tech" banks. |
|
| ▲ | close04 2 days ago | parent | prev [-] |
| > I have never heard of a bank that has a hard requirement of a mobile app My banks all require their own individual apps for authentication and authorization. I can use the website but to log in and authorize any transactions I need their app. Ironically this runs on my 8 year old Android 10 phone (used as a backup) so security can't be part of it. |
