Please let me know how I should deal with my banking apps in the future. I used LineageOS and Magisk to convince SafetyNet that everything was as it should be.
Now I read that SafetyNet was depreciated and LineageOS would become a red flag for banking apps (in Germany).
What is the way forward?
How can I use up-to-date firmware (i am fine with using something besides LineageOS) and still use my banking app on my phone?
I can’t say for LineageOS, but on GrapheneOS my banking apps work without doing anything special, apart from enabling sandboxed Google Play services.
I can vouch for this. I run completely unrooted GrapheneOS and no app has ever failed a safetynet test. Banking apps and Pokemon Go work just fine.
I’ve never had issues with LineageOS either, but this is before the hardware attestation days.
Well, unrooted is the key there.
Safetynet is really only a challenge with rooted phones. Or sometimes being OEM unlocked.
Safety Net was replaced with the “Play Integrity API”. The current workaround I’m using is “Play Integrity Fix” by chiteroman and playcurl by daboynb. I believe this is still limited to Android 14 but could be wrong. The xda thread for it could shed some light.
Graphene os is an option to use. But keep in mind that it only works on pixel phones.
Hey, I use LOS with Magisk as well.
There is a separate safetynet fix module for magisk you can install. No idea if the module is deprecated or not. Will have to check.
You can use the deny list in magisk to “hide” root access from your banking app.
There is also the option to hide the Magisk app itself. For some reason my banks app was checking for this specifically, and this solved my issues.
Edit: Safetynet fix: https://github.com/kdrag0n/safetynet-fix
This is what I have. Not sure if the project is dead, last update was a year ago it seems.
If you dont need to scan any checks, why not just use the website?
We don’t do checks here. I could use the website, but mobile is the authentication method for the website, besides it being a lot more convenient.
I for one just delete apps that stop working on my phone. The PhotoTAN apps usually work fine. But I do my online banking on my laptop so I don’t know about the other stuff.
I do too, but this isn’t a question for people like us. It’s a question for people who don’t have that option.
Hmmh. I mean I use a custom rom and Linux out of several reasons. But one of them is I want privacy and to stay in control. Often that requires some extra effort. Using PCs is quite alright for me. But the world of mobile apps is a bit more complicated. I’ve mostly worked around their crappy stuff by using workarounds like SafetyNet, third party apps and stuff. But it’s getting more and more complicated. I kinda stopped bothering. I don’t do NFC payments, I don’t rent electro scooters because all of that stuff doesn’t work. Nobody understands and I’ve complained to bank staff and it’s just not something they care about. We still have a separate working TAN device. But I had to listen to the lecture how good the banking app is for like 3 times. :'-(
I think one of the alternatives is to use something like this: https://github.com/chiteroman/PlayIntegrityFix
If you really need an app. I think I’m going to weed out apps though and see if there are companies who offer better alternatives to their customers or alternative ways to access their services.
At least things work in the browser