/e/ and banking apps etc

antaeus · July 30, 2022, 10:45am

Hi.
I have been playing with custom ROMs for quite some years. Primarily I do no want to be spied upon and I don’t want to be the product.
Is there any solution in sight where we can use banking apps og apps that scans for root, safety.net etc.?
I flashed /e/ on a Pixel 1, and the authenticator app that I have to use (I live in Denmark), claims the phone is rooted (which it isn’t). I contacted the company that makes it, and their “support” is either completely oblivious or doesn’t want a dialogue on why their app doesn’t work on a custom Android phone. I could use a hardware token, but that is not very convenient.

So, my question is this: What are the predictions in terms of perhaps spoofing device identity?

Thank you in advance.

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online services phone

Macrophag · July 30, 2022, 1:13pm

I ordered the token. In part to inflict expenses on the institution opting for mitID…

tcecyk · July 30, 2022, 3:11pm

if you’re on a “dev” branch build, you can potentially get a root shell via adb options, this is what the sdks looking for signs of elevated access trip on.

iirc - for stable builds I think this option got removed so safetynet can pass.

antaeus · August 18, 2022, 7:37pm

Thank you, and I apologise for the very late reply.
I think I need to end up with the token. Using “stock” Android is not good for my mental health.

P.S. already have a token. I just find it cumbersome, and need to find a carrying thing so as to not ruin/destroy it.

antaeus · August 18, 2022, 7:40pm

Thank you. I think Pixel 1 is on dev.

Just checked, yes:
Build versions
R (dev)

tcecyk · August 19, 2022, 9:07am

I wonder if the Mobil-ID app is a general (t)otp App that can be replaced by other auth apps (that do not care for safetynet).

you want to follow this ticket:

(peripherally related are Document the Safetynet support (#5542) · Issues · e / Backlog · GitLab and Integrate latest microG release (#4725) · Issues · e / Backlog · GitLab)

Macrophag · August 31, 2022, 5:57pm

The banking apps all require SafetyNet as well. I contacted one of the banks and got told to just deal with it…

Privacy-Phone-2022 · September 12, 2022, 1:08pm

I am thinking about using two phones. One with stock android especially for the banking app. And second as a primary phone with /e/ or Lineage OS on board. I am still thinking which os to choose and what to do about the banking app …

piero · September 12, 2022, 7:52pm

I have to use “magisk” + “shamiko” + “safetynet-fix” modules, but now, banking apps works !

Macrophag · September 12, 2022, 7:58pm

Or use webapps. Works like a charm.

Privacy-Phone-2022 · September 13, 2022, 4:09am

do you mean just logging in via the browser?

Macrophag · September 13, 2022, 4:57am

Yes. You can then “install” the URL to the phone so it appears as an app:

Privacy-Phone-2022 · September 13, 2022, 7:13am

this sounds nice however for blik usage banking app is still required?