What's stopping banks from creating FOSS (or atleast open-source) banking solutions (apps)? (fost.hu)

submitted 2 years ago by nIi7WJVZwktT4Ze@fost.hu to c/opensource@lemmy.ml

18 comments fedilink hide all child comments

cross-posted from: https://fost.hu/post/226135

Let's say, I create a bank with the caveat that all of my banking phone apps and webapps are FOSS (or if they depend on non-free components — banks probably do to communicate with each other —, then just OSS). Am I going to be behind the competition by doing this?

If the most secure crypto algorithms are the ones that are public, can we ensure the security of a bank's apps by publicizing it?

Are they not doing this because they secretly collect a lot of data (on top of your payment history because of the centralized nature of card payments) through these apps?

EDIT: Clarifying question: Is there a technical reason they don't publicize their code or is it just purely corporate greed and nothing else?

you are viewing a single comment's thread
view the rest of the comments

[-] OhNoMoreLemmy@lemmy.ml 39 points 2 years ago* (last edited 2 years ago)

It wouldn't matter much.

Most of what a bank does isn't on your phone, but server side.

In fact most bank apps could be replaced with an internal web browser that is pointing at their website, and a password manager, with no loss in functionality or change in security.

And if you'd like to review the client side code the bank is using you can just open dev mode in your browser, right now.

[-] nIi7WJVZwktT4Ze@fost.hu -2 points 2 years ago

Are there any downsides to opening up the server-side code too? Would it also compromise other banks' security, since these banks need to interoperate?