Free Firmwares (like LineageOS), Safetynet and banking apps? (feddit.de)

submitted 7 months ago by bremen15@feddit.de to c/android@lemmy.world

12 comments fedilink hide all child comments

Please let me know how I should deal with my banking apps in the future. I used LineageOS and Magisk to convince SafetyNet that everything was as it should be.

Now I read that SafetyNet was depreciated and LineageOS would become a red flag for banking apps (in Germany).

What is the way forward?

How can I use up-to-date firmware (i am fine with using something besides LineageOS) and still use my banking app on my phone?

top 12 comments

sorted by: hot top controversial new old

[-] synapse1278@lemmy.world 14 points 7 months ago

I can't say for LineageOS, but on GrapheneOS my banking apps work without doing anything special, apart from enabling sandboxed Google Play services.

[-] pHr34kY@lemmy.world 3 points 7 months ago

I can vouch for this. I run completely unrooted GrapheneOS and no app has ever failed a safetynet test. Banking apps and Pokemon Go work just fine.

I've never had issues with LineageOS either, but this is before the hardware attestation days.

[-] BearOfaTime@lemm.ee 3 points 7 months ago

Well, unrooted is the key there.

Safetynet is really only a challenge with rooted phones. Or sometimes being OEM unlocked.

[-] Zikeji@programming.dev 13 points 7 months ago* (last edited 7 months ago)

Safety Net was replaced with the "Play Integrity API". The current workaround I'm using is "Play Integrity Fix" by chiteroman and playcurl by daboynb. I believe this is still limited to Android 14 but could be wrong. The xda thread for it could shed some light.

[-] Fake4000@lemmy.world 10 points 7 months ago

Graphene os is an option to use. But keep in mind that it only works on pixel phones.

[-] GetAwayWithThis@lemmy.dbzer0.com 5 points 7 months ago* (last edited 7 months ago)

Hey, I use LOS with Magisk as well.

There is a separate safetynet fix module for magisk you can install. No idea if the module is deprecated or not. Will have to check.

You can use the deny list in magisk to "hide" root access from your banking app.

There is also the option to hide the Magisk app itself. For some reason my banks app was checking for this specifically, and this solved my issues.

Edit: Safetynet fix: https://github.com/kdrag0n/safetynet-fix

This is what I have. Not sure if the project is dead, last update was a year ago it seems.

[-] codenul@lemmy.ml 1 points 7 months ago

If you dont need to scan any checks, why not just use the website?

[-] bremen15@feddit.de 2 points 7 months ago

We don't do checks here. I could use the website, but mobile is the authentication method for the website, besides it being a lot more convenient.

[+] h3ndrik@feddit.de -12 points 7 months ago* (last edited 7 months ago)

I for one just delete apps that stop working on my phone. The PhotoTAN apps usually work fine. But I do my online banking on my laptop so I don't know about the other stuff.

[-] BearOfaTime@lemm.ee 3 points 7 months ago

I do too, but this isn't a question for people like us. It's a question for people who don't have that option.

[-] h3ndrik@feddit.de 1 points 7 months ago* (last edited 7 months ago)

Hmmh. I mean I use a custom rom and Linux out of several reasons. But one of them is I want privacy and to stay in control. Often that requires some extra effort. Using PCs is quite alright for me. But the world of mobile apps is a bit more complicated. I've mostly worked around their crappy stuff by using workarounds like SafetyNet, third party apps and stuff. But it's getting more and more complicated. I kinda stopped bothering. I don't do NFC payments, I don't rent electro scooters because all of that stuff doesn't work. Nobody understands and I've complained to bank staff and it's just not something they care about. We still have a separate working TAN device. But I had to listen to the lecture how good the banking app is for like 3 times. :'-(

I think one of the alternatives is to use something like this: https://github.com/chiteroman/PlayIntegrityFix

If you really need an app. I think I'm going to weed out apps though and see if there are companies who offer better alternatives to their customers or alternative ways to access their services.

[-] MigratingtoLemmy@lemmy.world 2 points 7 months ago

At least things work in the browser

this post was submitted on 02 Apr 2024

52 points (98.1% liked)

Android

27918 readers

60 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules

1. All posts must be relevant to Android devices/operating system.

2. Posts cannot be illegal or NSFW material.

3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.

4. Non-whitelisted bots will be banned.

5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.

6. Memes are not allowed to be posts, but are allowed in the comments.

7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.

8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.

Community Resources:

We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.

Our Partner Communities:

!android@lemmy.ml

founded 1 year ago

MODERATORS

MargotRobbie@lemmy.world

Rooki@lemmy.world

Thekingoflorda@lemmy.world

L3s@lemmy.world

_MoveSwiftly@lemmy.world