884
Paying without Google: New consortium wants to remove custom ROM hurdles creating an open source alternative to Google Play Integrity (www.heise.de)
submitted 2 days ago by Argyle13@lemmy.world to c/opensource@lemmy.ml
79 comments fedilink hide all child comments

Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone.

you are viewing a single comment's thread
view the rest of the comments
[-] beyond@linkage.ds8.zone 62 points 1 day ago

GrapheneOS is critical of this initiative here and I think their criticism has merit. This simply moves the gatekeeper from Google to a handful of OEM's who won't let you use anything other than their blessed OS's.

[-] Delascas@feddit.uk 32 points 1 day ago

Has the GrapheneOS team ever, once, been supportive of ANY other custom ROM initiative? I ask this as someone with both a GOS Pixel10 and a FairPhone 6 running /e/ on my desk this week.

For as good as their security approach is, their constant shit talking of others also making efforts to free us from big tech helps no-one.

Oh the irony of using the phrase "blessed OS's" coming from the GOS camp.

[-] beyond@linkage.ds8.zone 7 points 22 hours ago* (last edited 22 hours ago)

I wouldn't characterize myself as "the GOS camp" (I use LineageOS) I just happen to agree with them sometimes, and this is one of those times.

I do imagine this response is to some degree influenced by their beef with /e/ (an OS I don't have a high opinion of either, but for other reasons). It just seems to me that people see "not google" and think it's a good thing, but a gatekeeper determining which OS you are allowed to use with what apps is fundamentally a bad idea even if it's not google.

[-] detren@sh.itjust.works 11 points 1 day ago

Yeah it seems they really let perfect be the enemy of the good.

[-] gandalf_der_12te@discuss.tchncs.de 2 points 1 day ago

I'd say if you have more alternative gatekeepers, that means you have more options and that gives the user more power (to choose).

[-] 3abas@lemmy.world 2 points 1 day ago

Or we can back an option without a gatekeeper...

[-] Don_alForno@feddit.org 1 points 4 hours ago

Does one exist?

[-] gandalf_der_12te@discuss.tchncs.de 3 points 1 day ago

sure we can, the only question is who's legally liable if things go wrong

[-] potustheplant@feddit.nl 10 points 1 day ago

Agree. This type of systems are not even necessary.

[-] 20dogs@feddit.uk 6 points 1 day ago

One or more neutral organizations could exist certifying devices and operating systems without providing a centralized API. Those organizations could simply provide signed releases with the roots of trust, revoked keys and operating system key fingerprints. Apps could use multiple different certifying organizations. This is already something Android's hardware attestation API fully supports today.

Then why doesn't GrapheneOS offer that alternative to banks etc

[-] potustheplant@feddit.nl 2 points 18 hours ago

Because you can't unilaterally just save credit card information and use it for payments. Your bank has to support and approve the app/service.

this post was submitted on 16 Mar 2026
884 points (99.0% liked)

Open Source

45475 readers
833 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 6 years ago
MODERATORS
Cloak@lemmy.ml
kevincox@lemmy.ml
CrypticCoffee@lemmy.ml
Lettuceeatlettuce@lemmy.ml