Git-Mirrors/privsec.dev
1
0
Fork 0
mirror of https://github.com/PrivSec-dev/privsec.dev.git synced 2025-05-02 14:26:25 -04:00
Code Issues Projects Releases Packages Wiki Activity

Move banking app list to PrivSec

Browse source 
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-09-28 13:55:37 -04:00
parent 50aca5722a
commit 421e3df20d
No known key found for this signature in database
GPG key ID: 060B29EB996BD9F2
3 changed files with 4 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

8
content/apps/Banking Applications compatibility with GraphheneOS.md
View file

@ -3,13 +3,11 @@ title: "Banking Applications Compatibility with GrapheneOS"
date: "2022-01-26"
tags: ['Applications', 'Android']
author: akc3n
canonicalURL: https://akc3n.org/projects/banking/
ShowCanonicalLink: true
---
This is a on-going *Work In Progress* project to collect crowd sourced usage information on banking apps and present it in a manner that is easily accessible for users to figure out if a banking app works on [GrapheneOS](https://grapheneos.org/).
This is a list of banking applications known to work with [GrapheneOS](https://grapheneos.org).
Banking apps are a very problematic app for security and privacy focused OSes, or even alternative OSes, due to the app being incompatible with majority of hardening, having a hard dependency on Google Play services, or require passing SafetyNet `ctsProfileMatch` and `basicIntegrity`.
Banking apps are a very problematic app for security and privacy focused operating systems, or even alternative OSes, due to the app being incompatible with majority of hardening, having a hard dependency on Google Play services, or require passing SafetyNet `ctsProfileMatch` and `basicIntegrity`.
GrapheneOS passes SafetyNet `basicIntegrity`, but it is not certified by Google so it does not pass `ctsProfileMatch`.[^1]
@ -265,7 +263,7 @@ My [Contact](https://akc3n.org/about/#contact) info for alternative method of su
## Notes
If you have any issues with what is listed on this site or about this project page, you may open an issue on this websites [issue-tracker](https://github.com/akc3n/akc3ndotorg/issues) or [contact](https://akc3n.org/about/#contact) me directly.
If you have any issues with what is listed on this site or about this project page, you may open an issue on this [issue-tracker](https://github.com/PrivSec-dev/banking-apps-compat-report/issues) or [contact](https://akc3n.org/about/#contact) me directly.
- GrapheneOS has a [detailed guide](https://grapheneos.org/articles/attestation-compatibility-guide) for app developers on how to support GrapheneOS with the hardware attestation API. Direct use of the hardware attestation API provides much higher assurance than using SafetyNet so these apps have nothing to lose by using a more meaningful API and supporting a more secure OS.