It is very ironic that the solution is using an old, insecure phone full of unpatched holes for all important banking and id business, because that one is vendor-allowed while your state-of-the-art GrapheneOS is not.

If only banks cared about state-of-the-art security.

In reality, banks couldn’t care less. They only care about checking boxes and don’t consider where these boxes come from; every unchecked box is a risk.

Did the latest sham "security audit" say that root is bad? They'll block it.