privsec.dev/content/apps/Banking Applications compatibility with GraphheneOS.md

16 KiB
Raw Blame History

title date tags author canonicalURL ShowCanonicalLink
Banking Applications Compatbility with GrapheneOS 2022-01-26
Applications
Android
akc3n https://akc3n.org/projects/banking/ true

This is a on-going Work In Progress project to collect crowd sourced usage information on banking apps and present it in a manner that is easily accessible for users to figure out if a banking app works on GrapheneOS.1

Banking apps are a very problematic app for security and privacy focused OSes, or even alternative OSes, due to the app being incompatible with majority of hardening, having a hard dependency on Google Play services, or require passing SafetyNet ctsProfileMatch and basicIntegrity.2

GrapheneOS passes SafetyNet basicIntegrity, but it is not certified by Google so it does not pass ctsProfileMatch.3

GrapheneOS's usage guide on banking apps.


List of Banking Apps

Australia

Austria

Belgium

Canada

Czech Republic

Denmark

Finland

France

Germany

Hungary

India

Netherlands

Norway

Poland

Romania

Serbia

Sweden

Switzerland

Taiwan

United Kingdom

United States


List of Submitted Banking Apps

Here you will find a current list of submitted Banking Apps that work on GrapheneOS via this projects issue-tracker.

Submit a Banking App

Report a banking app's compatibility on GrapheneOS

Please use this issue form to submit a report on the banking app that you use on GrapheneOS:

SUBMIT REPORT

Alternative Ways to Submit

For non-GitHub users that would like to contribute:

curl -O https://gist.githubusercontent.com/akc3n/e845078ddbbb28ada0dd055c51ec45af/raw/63b2d2444bf0b9881c22c2a0514a1163116ec27f/issue-form.md

My Contact info for alternative method of submitting banking app report.


Notes

If you have any issues with what is listed on this site or about this project page, you may open an issue on this websites issue-tracker or contact me directly.

  • GrapheneOS has a detailed guide for app developers on how to support GrapheneOS with the hardware attestation API. Direct use of the hardware attestation API provides much higher assurance than using SafetyNet so these apps have nothing to lose by using a more meaningful API and supporting a more secure OS.

GrapheneOS users are strongly encouraged to share this documentation with app developers enforcing only being able to use the stock OS. Send an email to the developers and leave a review of the app with a link to this information. Share it with other users and create pressure to support GrapheneOS rather than locking users into the stock OS without a valid security reason. GrapheneOS not only upholds the app security model but substantially reinforces it, so it cannot be justified with reasoning based on security, anti-fraud, etc.

Contributors

Thank you for collaborating on project and contributing: