As much as I'd love to daily drive an OS like GrapheneOS, the risk of running into apps that use Google Integrity API thereby making it impossible to run those apps on Graphene is too much of an inconvenience.

I took a look at this curated list of bank apps[1] supported on Graphene OS and I'm glad that a large majority of them work on Graphene. However, just my luck that one of the banks I use on this list isn't supported.

In my country, the state is enforcing a lot of essential workflows to be digital-first (and in extreme cases digital-exclusive) and I dread to think needing these services at a critical moment and the choice of my OS making it impossible for me. This is more of a commentary on my government's choices but it's a reality for me.

In any case, I don't think it's practical to go cold turkey and switch to a privacy focused phone without testing waters first to see which of your of workflows break and then reason about the tradeoffs/workarounds.

I do admire folks who use GrapheneOS as a daily driver, I'd like to chat them up if I find them in the wild.

https://privsec.dev/posts/android/banking-applications-compa...

> In my country, the state is enforcing a lot of essential workflows to be digital-first (and in extreme cases digital-exclusive) and I dread to think needing these services at a crticial moment and the choice of my OS making it impossible for me. This is more of a commentary on my government's choices but it's a reality for me.

If my country did this I would get a cheap used device for this purpose and keep it powered off. I refuse to carry a pocket spy for the sake of convenience. I find that it’s rarely an issue.

Another daily GrapheneOS driver here. I've kept banking apps off my phone anyway, and I do banking via desktop/website (I don't understand why people need to do banking 'on the go') and just use a physical credit card for tap payments when I'm out and about.

I do have older Android devices that I have run banking apps on, that I can revert to if necessary, but there's a fair bit of inconvenience I would be happy to endure to avoid being forced into that final option.

What I would recommend is a slow transition, and just start using it at home. If you have GrapheneOS on it's most paranoid settings (exploit protections) there will be exceptions you'll need to allow for a few apps.

I worried about that too, but jumped in and it hasn't been an issue at all in two years. Including three bank apps. And it's usually so easy to reset to vanilla Android if you need to that it shouldn't be your moat.

As someone who daily-drives GrapheneOS, there isn't a single app that I want to use that is broken. I don't see any reason to use regular Android.

I wonder if it would be feasible to build an automated phone-using robot, and access it remotely for any kind of apps enforcing that type of crap. There is really nothing they can do in terms of device attestation to prevent it.

I run GrapheneOS as a daily driver and slowly removed all proprietary software from my device by looking for FOSS alternatives on F-Droid. Luckily, I'm able to access banking and government in a web browser on a dedicated profile.

I do have a second Android device with a stock ROM that I keep turned off in a drawer in case I ever need to use an app that requires Play Integrity in an emergency.

I believe there is some support for the API although its not perfect.

You're blowing this entirely out of proportion. The vast vast majority of apps work without issue with sandboxed play services. Yes it's less plug and play than a stock os. No it's not a life-ending inconvenience.

> As much as I'd love to daily drive an OS like GrapheneOS

The Play Integrity shenanigans is mostly on app developers.

That said, good thing GrapheneOS will launch its own Android phone: https://discuss.grapheneos.org/d/27687-new-manufacturer-theo... / https://piunikaweb.com/2025/10/13/grapheneos-ending-pixel-ex... / https://www.androidauthority.com/grapheneos-phone-wait-or-bu...

Provided GrapheneOS is cleared by Google to launch it as an "Android" device. Given the kind of changes GrapheneOS packs, it may or may not meet Android's mandatory CCD (compatibility) requirements.

Is the app the only way to access what you need? I've never once install the app of any bank I've ever used (10ish) and never found myself wishing I had.

but who says you have to limit yourself to one device? it's mildly inconvenient to carry more than one, sure, but the added benefit of an air gap between "serious business" and "personal life" is very much worth it, imo.

I've seen a couple of apps try to use Play Integrity, get blocked by GrapheneOS, and keep on running. Maybe I'm being locked out of something, but it's not something I use anyway.

Note that I don't use banking or government apps. If I bank online it's via the web.