101
you are viewing a single comment's thread
view the rest of the comments
[-] Mojojojo1993@lemmy.world 6 points 11 months ago

Does graphene allow banking apps ? Does it trip safety net ?

[-] rufus@discuss.tchncs.de 7 points 11 months ago* (last edited 11 months ago)

I think GrapheneOS isn't made for that purpose. It's made to be safe and do privacy well. I think signature spoofing, rooting to circumvent things etc are opposing requirements. I don't think everything works. There are websites and other comments with more info. My Banking TAN App works, though. Google Pay doesn't.

[-] Mojojojo1993@lemmy.world 5 points 11 months ago

So google pay doesn't work. That's a bastard

[-] DebatableRaccoon@lemmy.ca 8 points 11 months ago* (last edited 11 months ago)

Not to start an argument but why would one want to be using Google Pay after going through the process of de-googling their phone? Seems counterproductive.

[-] Mojojojo1993@lemmy.world 2 points 11 months ago

Fair point. Is there an alternative to Google pay. I don't use a card and pretty much refuse to use anywhere that requires care or cash

[-] DebatableRaccoon@lemmy.ca 3 points 11 months ago

There are a few different ones. I highly recommend doing your own research to find one you're comfortable with; reading multiple different reviews of each and whatnot. But here's a site specialising in finding alternatives to services

[-] JackGreenEarth@lemm.ee 1 points 11 months ago

Every alternative except Apple and Samsung pay, which are device specific and proprietary, seem to just be crypto. No NFC FOSS purchases.

[-] DebatableRaccoon@lemmy.ca 2 points 11 months ago

Sadly, there's not too much I can do about that. From what I've understood, there's a whole lot of red tape around tap-to-pay transaction technology. Personally, I don't use any of it. Only cash or card where I have to.

[-] phoneymouse@lemmy.world 0 points 11 months ago

So many cards have an nfc chip in them now. Just tap the physical card.

[-] Mojojojo1993@lemmy.world 2 points 11 months ago

I don't want to tap the card. Point of preference. I don't have a wallet. I have a phone.

[-] TWeaK@lemm.ee 5 points 11 months ago

Google Pay gives you worse consumer rights than using your card with contactless. A contactless card purchase is processed as "cardholder not present", the same as phone catalogue purchases always used to be done, and the same as online purchases. The seller assumes default responsibility in any dispute. When you make a purchase with your card pin, or when you make a purchase with Google Pay, both are considered secure and authorised by you, so that becomes the default position in a dispute.

If someone steals your card and uses it to make a bunch of contactless purchases, you'd have a much easier time getting them refunded than if the purchases were made with your phone.

[-] Mojojojo1993@lemmy.world 3 points 11 months ago

How would they use my phone? It's locked and requires fingerprint to unlock? Card requires nothing. Can lock down phone. Can lock card but need to contact bank.

[-] TWeaK@lemm.ee 1 points 11 months ago

Fingerprint is fairly easy to bypass, face unlock sometimes moreso. A PIN or password can be captured by just watching someone, and you'll have far more opportunity to capture their phone PIN than you would their card PIN. If anything, you're perhaps less likely to lose your card as it spends more time safe in your pocket.

The point is it can be done, and you're in a worse position if/when it happens.

[-] Mojojojo1993@lemmy.world 1 points 11 months ago

Sorry. Where are fingerprint readers easy to crack ? Maybe government agencies and high level crime syndicates. Not petty thief's. I don't use phone pin. I use fingerprint as discussed.

I don't use card pin so that's not an issue. The problem would be a contactless card. Which is the debate we are currently engaged in.

So no. I'll stick with my phone using Google pay. I had my card skimmed with a card reader and my bank emptied. Funnily enough has never happened with my phone.

[-] TWeaK@lemm.ee 1 points 11 months ago

Fingerprint readers aren't easier to crack, but they're easy enough to spoof. That's certainly getting harder - just like spoofing facial recognition is - but ultimately biometrics are heavily flawed as a security method. Primarily, it's almost impossible for a person to change their biomentrics, meaning once they are compromised there is little if anything that can be done.

I would say that you shouldn't use Google Pay. You should revert to using your card directly, particularly contactless card purchases. Not only will this give you better consumer rights in the event of any dispute, but also you won't be giving even more detail to Google.

Even so, cash is king. You can always haggle a lower price if you're paying in cash, particularly when you highlight the 1.5% that card providers (MasterCard and VISA) levy for all card transactions, on top of their statutory fee.

[-] Mojojojo1993@lemmy.world 1 points 11 months ago

Oh I don't disagree with biometrics. They are the ultimate in security. But if you lose access you are fucked.

They could be spoofed. But each year it's harder and harder and as I said. Petty crime would weigh up the odds. Contactless card that you can use a few times before locked or need to spoof a fingerprint to get into a phone and then use contactless.

I know which one id choose. Also we need to keep the phone connected to the Google account. Increasing my ability to trace you and retrieve my phone. Card will ping location but it doesn't say where your house is. I can remotely lock my Google phone and trace it. Can't do that with card. I think phone is a Much riskier endeavor.

And I will be er revert to using card. As states above it's a worse experience in all aspects. Easier to lose card, easier to be stolen and worse protection. Always have phone on me and can do a multitude of jobs. Card can do one thing.

That's the pay off isn't it. Google data vs bank data. It's the same data yet It inconveniences me more. Same outcome.

Literally no one is haggling. That's a ridiculous proposition. When was the last time you haggle for a beer. Money is cumbersome and completely unnecessary. Yes it's great for illicit nefarious reasons. 99% of people have no need for that. Cash means wallets pockets and then I'm stuck with useless change.

Cash hadn't been king for a while. Jesus during COVID-19 places wouldn't even accept it. Contactless or I don't shop there.

[-] TWeaK@lemm.ee 1 points 11 months ago* (last edited 11 months ago)

Card will ping location but it doesn’t say where your house is. I can remotely lock my Google phone and trace it. Can’t do that with card. I think phone is a Much riskier endeavor.

I mean, I've never used Google Pay, so I can't really comment on the functionality. But it is very easy to block card.

My point is that when you block the card, you have the opportunity to object to any purchase that wasn't authenticated by you. Any contactless card purchase could be challenged. Meanwhile, any purchase where you used your PIN, or your phone, leaves you no opportunity to challenge it.

Furthermore, perhaps the most common form of card fraud involves friends and family. Such a friend could conceivably gain access to your phone and the details needed to make a transaction. If that transaction involves using your phone (which many close family members might have access to) then you will have no recourse with the card company. If you have a bunch of suspicious transactions that used your card PIN, you will be expected to explain them, but if yoiu have a bunch of suspicious transactions made with contactless cards then the default position is that the business has to explain them.

It's a fairly subtle difference, but it is very significant. You're on the back foot when you casually use your phone, compared to casually using a card.

Literally no one is haggling. That’s a ridiculous proposition.

Not quite, but yeah, very few are. We've almost reverted to the point where terms and conditions are dictated to us, and we have the privelege of paying for it. That's bullshit. We have the money, they want it, they should taylor their terms to suit us.

[-] Mojojojo1993@lemmy.world 1 points 11 months ago

You should try apps. Be good UK try other side. Can always cancel after a trial period. It's easier to block google pay than a card, but only by a fraction. Both can be completed in app.

That is true but it's an antiquated system that requires updating. But I get ya.

My phone is password and fingerprint protected and I change the password regularly. No one would be attempting that. My Family members would never attempt something so brazen and my friends wouldn't gain access. But again I can understand the point. It's pretty out there. You could use the same argument for a card. If someone gets access to your card it has all the details available to you and doesn't require password or fingerprint

In dome ways yes but that's the system we live

this post was submitted on 14 Dec 2023
101 points (98.1% liked)

No Stupid Questions

35868 readers
389 users here now

No such thing. Ask away!

!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)


Rule 1- All posts must be legitimate questions. All post titles must include a question.

All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.



Rule 2- Your question subject cannot be illegal or NSFW material.

Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.



Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.



Rule 4- No self promotion or upvote-farming of any kind.

That's it.



Rule 5- No baiting or sealioning or promoting an agenda.

Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.



Rule 6- Regarding META posts and joke questions.

Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.

On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.

If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.



Rule 7- You can't intentionally annoy, mock, or harass other members.

If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.

Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.



Rule 8- All comments should try to stay relevant to their parent content.



Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.



Rule 10- Majority of bots aren't allowed to participate here.



Credits

Our breathtaking icon was bestowed upon us by @Cevilia!

The greatest banner of all time: by @TheOneWithTheHair!

founded 1 year ago
MODERATORS