My banking app won’t work if I’m rooted and before that when I had developer mode on it wouldn’t work. Just gave me a error so I have the login to Firefox each time. I hate apps that block you because they can’t track you anymore
Banks that do this are just ignorant and hypocritical. Those same banks will let you log in from a web browser on the phone that is just as (un)likely to be compromised or from a desktop computer where you also have admin rights.
There is no additional security to be gained by a random megacorp that has leaks every other month “attesting” that I can use my things well.
And Google didn’t add attestation to make sure my bank details are safe, it did it as part of a concerted effort from the industry to make sure I am not able to make my computer work as I want it to work and run code I want it to run. Google does not care about bank fraud as long as it doesn’t affect its stock price.
The complaint isn’t, “banks allow connections from browsers that might be compromised!”
The complaint is, “banks claim they cannot allow apps to run in scenarios where they can’t determine if anything is compromised but have been perfectly fine doing it and continuing to do it in the case of browsers, so their stated reason sounds like bullshit.”
Those complaining about Google wanting to add attestation either didn’t want that in the first place, or don’t want the trade-offs required for such a thing to work. Like remote banking requiring using a corporate-approved platform and ad blocking not being as agile.
My bank locked me out of my account with their latest authenticator app update, I had to install an old version from backup. Which I only could do because my phone is rooted. I’m switching banks this year, not to one where the app won’t lock me out (apparently that just isn’t a thing, I’d gladly sign some paperwork about liability too, but nope) but one where I can still use a separate, purpose-built authenticator device. Because mine stopped supporting that for no reason.
All of these bullshit security functions in Android and iOS seem to be there to be used by third parties against the device’s owner. If Google and Apple actually cared about privacy and security they wouldn’t let trash apps like WhatsApp steal your entire contact list.
My bank apps (three different Australian ones) are fine with developer mode, but not root, and not unlocked bootloaders
They block you because the phone can’t “guarantee” it’s not corrupted. Theoretically it’s for your protection as an unlocked bootloader means there’s no local security, you may have used root to install something that breaks their security model
I understand that side loaded apps can also reduce your device integrity score
I changed banks partially because of this. Ally bank would fake a “couldn’t connect” error on the first 2 attempts and then succeed on the 3rd attempt. I switched to aspiration bank and their app works perfectly fine.
My banking app won’t work if I’m rooted and before that when I had developer mode on it wouldn’t work. Just gave me a error so I have the login to Firefox each time. I hate apps that block you because they can’t track you anymore
Banks that do this are just ignorant and hypocritical. Those same banks will let you log in from a web browser on the phone that is just as (un)likely to be compromised or from a desktop computer where you also have admin rights.
that’s why chrome added remote attestation and yall threw a fit
There is no additional security to be gained by a random megacorp that has leaks every other month “attesting” that I can use my things well.
And Google didn’t add attestation to make sure my bank details are safe, it did it as part of a concerted effort from the industry to make sure I am not able to make my computer work as I want it to work and run code I want it to run. Google does not care about bank fraud as long as it doesn’t affect its stock price.
this is the fit i mentioned
The complaint isn’t, “banks allow connections from browsers that might be compromised!”
The complaint is, “banks claim they cannot allow apps to run in scenarios where they can’t determine if anything is compromised but have been perfectly fine doing it and continuing to do it in the case of browsers, so their stated reason sounds like bullshit.”
Those complaining about Google wanting to add attestation either didn’t want that in the first place, or don’t want the trade-offs required for such a thing to work. Like remote banking requiring using a corporate-approved platform and ad blocking not being as agile.
Change banks bro.
Or you could just not bank or just live in the woods. Some things are not as simple as it seems.
It’s really not that difficult to open a new account and transfer your money
I argue that not rooting your phone and not moving to another bank each time a bank decides to change it’s security protocols is much easier.
A lot of banks don’t care if you root your phone. In this instance it’s actually easier to move banks.
My bank locked me out of my account with their latest authenticator app update, I had to install an old version from backup. Which I only could do because my phone is rooted. I’m switching banks this year, not to one where the app won’t lock me out (apparently that just isn’t a thing, I’d gladly sign some paperwork about liability too, but nope) but one where I can still use a separate, purpose-built authenticator device. Because mine stopped supporting that for no reason.
All of these bullshit security functions in Android and iOS seem to be there to be used by third parties against the device’s owner. If Google and Apple actually cared about privacy and security they wouldn’t let trash apps like WhatsApp steal your entire contact list.
My bank apps (three different Australian ones) are fine with developer mode, but not root, and not unlocked bootloaders
They block you because the phone can’t “guarantee” it’s not corrupted. Theoretically it’s for your protection as an unlocked bootloader means there’s no local security, you may have used root to install something that breaks their security model
I understand that side loaded apps can also reduce your device integrity score
I changed banks partially because of this. Ally bank would fake a “couldn’t connect” error on the first 2 attempts and then succeed on the 3rd attempt. I switched to aspiration bank and their app works perfectly fine.
There’s magisk hide. Doesn’t always help, but worth the try.
Or just use n26. no such BS on their side.