| ▲ | nottorp 2 hours ago |
| Are these non Google non Apple phones viable any more? Considering you almost can't do banking, and in some places interact with the government, without a locked down phone... |
|
| ▲ | rolandog an hour ago | parent | next [-] |
| They will be able to do banking at least once the legislators tear down the walled gardens in a sensible way. Are the security benefits from the Appstore/Playstore real or security theatre? I'm pretty sure that, if there are security benefits, they have been artificially tied to the use of the company's distribution method, that coincidentally really needs to be sending usage statistics, monitoring, etc. Surely there exist no conflicts of interest to be found. |
| |
| ▲ | Cpoll an hour ago | parent | next [-] | | Would you bet your company on that happening soon? :) | | | |
| ▲ | gbrindisi 15 minutes ago | parent | prev [-] | | fifteen years ago I use to do mobile pentests for banks and when we could not find anything significant for the reports we could’ve always count on “lack of rooting detection” and pin the risk on some vague mobile banking malware threat pushed by marketing. I am sorry I contributed to this nonsense. 100% security theater, and here we are. |
|
|
| ▲ | amarant an hour ago | parent | prev | next [-] |
| Looks like the Swedish bankid at the very least actually does work on sailfish[1]! Not sure about equivalent apps for other regions, but I don't see why they shouldn't work. [1] https://forum.sailfishos.org/t/swedish-bank-id-swish/11781/3 |
|
| ▲ | poulpy123 an hour ago | parent | prev | next [-] |
| Afaik there is an android compatibility layer but I don't know if it allows banking apps to works |
| |
| ▲ | lukeasch21 an hour ago | parent | next [-] | | It would not in principle, those rely on hardware backed keys with Google's latest iteration of Google Play Integrity. The only success people have had is by using leaked vendor keys and spoofing device fingerprints for old A11-era devices which did not have the hardware baked in. In time even this avenue will no longer work. People have been trying to get around it for a while [1] but afaik the concept is cryptographically airtight. [1] https://xdaforums.com/t/discussion-the-root-and-mod-hiding-f... | | |
| ▲ | jeroenhd 13 minutes ago | parent [-] | | My banking app works fine on a rooted phone that I don't bother faking a proper Play Integrity signature for. Except for a warning about the phone being rooted when setting it up, of course. I'm not 100% sure what happens when you have integrity and lose it by rooting your phone, but I imagine the bank app will log you out. Bank apps only stop working because banks decided they know better than you. Unfortunately my bank also switched to Google Pay which does require Play Integrity, so contactless payments are out of the question on that phone now. Maybe if Wero compatible terminals extend support for QR payments I could use my bank app again on that phone. |
| |
| ▲ | HNisCIS an hour ago | parent | prev [-] | | Maybe I'm out of the loop but what is everyone doing with banking apps on their phones that's so essential. I see this argument all the time but it's baffling to me. | | |
| ▲ | distances an hour ago | parent | next [-] | | For quite many banks a mobile phone is now the only 2FA they support. | | |
| ▲ | NewJazz an hour ago | parent | next [-] | | So glad my brokerage supports good old totp. | |
| ▲ | nottorp an hour ago | parent | prev [-] | | Or worse. My bank closed down their old online banking site and the new one needs the phone for 2FA... but ... drumroll ... ... the idiots also want me to keep using the token device to log in before approving the log in via my phone. Security theater. | | |
| |
| ▲ | Tade0 41 minutes ago | parent | prev | next [-] | | MFA largely, some banks also provide wallets for contactless payments. I refuse to have my browser fingerprinted as a "trusted device" because part my bank is just bad at it. | |
| ▲ | IshKebab 42 minutes ago | parent | prev [-] | | Paying for things? Transferring money? What else do you do with a bank account? |
|
|
|
| ▲ | BoredPositron an hour ago | parent | prev [-] |
| If you use it without compatibility layer it's probably on the same level as a kaios phone. There is a lot of slop on the sailfish store. |
