[HOWTO] Installing Banking Apps

eOSWiki HOWTOs
109

The Bunq app on Android uses way too many trackers and permissions. More than double that of other Dutch bank apps, like the one from ABN Amro. The Triodos Bank is very respectful of privacy, as it uses only one or two trackers.

See here:
https://reports.exodus-privacy.eu.org/en/reports/com.bunq.android/latest/

(The Exodus privacy search is an eye-opener. Its ratings are integrated into the /e/ Apps store. I would recommend to check each new app on that platform before using it, when downloading from another store.)

1 Like
110

Why is your bootloader still unlocked? The instruction I got when flashing /e/ is to lock the bootloader once I’m finished flashing… It’s unsafe to leave it open, if you’re not very technical.

1 Like
111

I was not aware that there is a way to lock the bootloader again after installing /e/ on a onePlus 5t. Afaik only certain phones allow that functionality such as the pixel range or the fairphones due to restrictions put into place by the phone manufacturers. But if you know how to do it, please do tell me, I’d be keen to know.

1 Like
112

Sorry if this is coming late, but when I had tried it Monzo worked completely fine. Same with the halifax, Barclays, Wise, N26 and Starling (Barlcays app said my phone was rooted on the android 8 version of /e/ but its been working perfectly since android 9).
With all the banking apps you’ll most likely have to download, install and update with aurora though since the /e/ store is missing many of them. In the netherlands I tried ABN amro as well which also works fine with one single caveat: In the bank account registration process a selfie had to be taken and that seemed to rely on some missing library. Had to borrow someones phone to register for my account to just get past that specific step, but after registration everything worked perfectly.
Generally the only app I have had issues with was the NHS app. But using the nhs covid pass service lets you get a qr code which i saved within my greenPass app

1 Like
113

I don’t have the option to ’ scroll down to ‘Magisc Core Only Mode’ , and under Settings - Trust i only see :point_down:

Screenshot_20220320-131311_Indstillinger
Screenshot_20220320-131311_Indstillinger1080×2400 49.3 KB

I got some of my danish apps(minlæge, medicinkort) to work, but login with the ‘nemid-app’ won’t work as to security reasons.

Latest magisk is installed.

But thx :+1:

1 Like
114

Infos and guides about
New Magisk root and new root hide feature

1 Like
115

On the instruction set I followed it was a requirement to lock the bootloader. Here’s a copy-paste of that bit:

Locking the Bootloader

Once you have completed the above steps and before rebooting you can and should lock your Bootloader.

  1. Boot your device into bootloader if not already there, and plug it to your computer
  2. Lock critical partitition with the following command
  • fastboot flashing lock_critical
  • Approve with Voume + then power
  1. Reboot again your device into bootloader, and plug it to your computer
  2. Lock the device with the following command
  • fastboot flashing lock
  • Approve with Voume + then power
1 Like
116

May I ask you to post the link to the instruction set? I have not seen this in the one provided on the /e/ foundation website here

1 Like
117

relocking only works for a few devices !
you probably must edit build.prop first…

2 Likes
118

Does it work for MIDO, Redmi Note 4 !

I dont want to use Magix but i just want to relock boot loader after installing E os.

Thanks

1 Like
119

Sorry for replying late. The url is this:
https://doc.e.foundation/devices/FP4/install
See bottom of page.

1 Like
120

Yeah that makes sense. You are referring to the documentation for the Fairphone 4, which is one of the few devices which allows re-locking the bootloader. To my knowledge the OnePlus 5t does not allow re-locking the bootloader. I brought this up a few times in other topics and it looks like the blocking factor for locking bootloaders lies with the device manufacturer. AFAIK attempting to lock the bootloader of a device that does not allow you to do so can “softbrick” your device, so @Zeno make sure to look into it properly before attempting to relock the bootloader and only follow the instructions for your specific device.

1 Like
121

Okay, sorry if I almost got people to softbrick their device, that was not my intention at all! I am surprised to hear that most devices don’t let you re-lock the bootloader, as this is a serious sexurity vulnerability. Glad I have a Fairphone!

1 Like
122

Well it took bit longer, but now when /e/ OS V1 is released, stable builds do have some improvements for banking apps also. Since I don’t have stable Murena device, I decided to test same method used at stable builds. Basicly I installed ih8sn to my device. To install ih8sn basicly follow this guide at xda.

I try to split this to 2 version at here ( NOTE DO THIS AT YOUR OWN RISK!):

  1. General method which should basicly work for almost every device. If possible I suggest to try option 2.

  2. Quick install method if you have Redmi Note 8 (ginkgo)/ 8T (willow), which are using same unified build for ginkgo. If you have some other device, you might be able to find presetted conf file for you divece, or zip file flashable fro twrp like for Redmi Note 8/8T. See quick method at the bottom of message.

Method 1 - General installation (note this is using install / push script at ih8sn package, so works at linux, not in windows. I also assume you have working adb etc. at your computer):

Step 1 - Download latest ih8sn package for your device architecture and extract

Step 2 - At folder you extracted zip file, you see ih8sn.conf where you have to get right values in the file corresponding to your device, unless you have that device which is preconfigured. Even if you have that device, remove #at front of lines and make lines start with those texts. So basicly from

# BUILD_FINGERPRINT=

to

BUILD_FINGERPRINT=

File by default includes following information presetted:

BUILD_FINGERPRINT=
BUILD_DESCRIPTION=
BUILD_SECURITY_PATCH_DATE=
BUILD_TAGS=release-keys
BUILD_TYPE=user
BUILD_VERSION_RELEASE=
DEBUGGABLE=0
MANUFACTURER_NAME=
PRODUCT_NAME=

Now bit tricky part. To be able to get correct values for these, you need to either find ready made conf file for your device, or have device running stock rom at your hands. If you have same model phone running stock, or temporatily flash stock to get those values, then enable developer options from phone and make sure you have enabled usb degug. Connect your phone to your computer and check computer recognizes phone with command adb devices

I assume everything is ok so far, so you can start to get those informations…

type adb shell and press enter

to get build fingerprint run getprop ro.build.fingerprint

to get description run getprop ro.build.description

to get build security pach date run getprop ro.build.version.security_patch

to get build version release run getprop ro.build.version.release

to get manufacturer name run getprop ro.product.system.manufacturer

to get product name run getprop ro.product.system.name

Now you should have all information needed for ih8sn.conf file (just paste each output to corresponding line at conf file after =). If some commands don’t give result, you can get all information with command getprop which will give a long list of details.

Ok, assuming you now have conf file setted up, it’s time to enable developer mode + usb debug as root from your device running /e/ OS. Then at computer open terminal to the folder where those files are located (at linux adb will work when setted up correctly, no matter what folder you are into.). Test connection to phone again with command adb devices

Now if you run script push.sh with command sh push.sh you will probably get information that /system is read only. To mount it with write permissions, type adb remount and after done, run sh push.sh again. If managed, you should get output similar like:

60-ih8sn.sh: 1 file pushed, 0 skipped. 7.9 MB/s (734 bytes in 0.000s)
ih8sn: 1 file pushed, 0 skipped. 231.4 MB/s (9869696 bytes in 0.041s)
ih8sn.rc: 1 file pushed, 0 skipped. 1.3 MB/s (292 bytes in 0.000s)
ih8sn.conf: 1 file pushed, 0 skipped. 4.4 MB/s (364 bytes in 0.000s)

If successful, you can disableusb debug & developer options and restart your phone. Now banking apps should work. Also since 60-ih8sn.sh has comments:

# /system/addon.d/60-ih8sn.sh.sh
# During a LineageOS upgrade, this script backs up ih8sn,
# /system is formatted and reinstalled, then the files are restored.

it should restore ih8sn after system upgrade.

Method 2 - Quick install

If you have Redmi Note8/8T (ginkgo) you can do this easy way. There are ready made zip files for ginkgo and willow. Might be that ginkgo version works for both models, but I tested willow version on mine since I have willow (Redmi Note 8T) and so I could also get conf files manually to willow running stock.

Step 1 - Download ih8sn.zip for ginkgo, from this telegram group at this message - or for willow from same group at this message.

Step 2 - at least willow version zip file is meant for flash directly from twrp, so you can just save the file ie on memorycard, power off your device and start to twrp recovery with power + volume up. From twrp select install and locate your zip file and swipe to flash and after done, reboot system… that’s all.

If you don’t have Redmi Note 8/8T and neither have option to use same device as yours, exact same model but running stock rom, you could possibly find preconfigured ih8sn.cn file or maybe even flashable zip. In case of preconfigured ih8sn.conf file, just replace ih8sn.conf at method 1 with that preconfigured conf file and run script to install.

NOTE
What ever method you choose to try with, you do it with your own risk, especially when downloading something ready configured ar installable etc.

So I just put this here as basic guideline if someone else also want’s to try this. With that said, I’m not saying there aren’t any mistakes at my post, I got banking apss working with ih8sn at device running dev-build, so I assume you could do the same. Just better check all information given twice on your own too, your own risk here…

3 Likes
123

I can confirm that the method #1 worked flawlessly for me :slight_smile: on my OnePlus6 with the Danish app MitID. This one specifically was complaining that the device is rooted.

I put the information needed for ih8sn to this post - to save some time for the others:

2 Likes
124

Method #2 worked for me on Xiaomi Mi A1 (tissot) using /e/ v1.0 and Credit Agricole app.
Thank you for that tip that avoid me a huge disappointment :slight_smile:

1 Like
125

Has anyone some experience to share about running the Sparkasse Push-TAN and N26 apps within /e/OS 1.5 r ?

I’ve a Moto X2 2014 with very low mic volume and would like to fix that using root access. Or can I even unroot after applying the mod and everything stays as it is?

Thanks!

126

Magisk Delta still works for me. For Belgiums Payconique by bancontact and itsme (ID) and other app’s from work like succesfactors or ESS are working because of the hide function.
https://huskydg.github.io/magisk-files/

129

I typed the following prompt in ChatGPT and I was able to retrieve the info for #Method1

fill in the following details for Nexus 7 2013 with latest rom update:

BUILD_FINGERPRINT=
BUILD_DESCRIPTION=
BUILD_SECURITY_PATCH_DATE=
BUILD_VERSION_RELEASE_OR_CODENAME=
PRODUCT_BRAND=
PRODUCT_DEVICE=
PRODUCT_MODEL=
BUILD_TAGS=
BUILD_TYPE=
BUILD_VERSION_RELEASE=
DEBUGGABLE=
MANUFACTURER_NAME=
PRODUCT_NAME=

Based on my knowledge cutoff date (September 2021), the latest official ROM update for Nexus 7 (2013) was released in November 2016 and it is running on Android 6.0.1 Marshmallow. Therefore, the following details correspond to this version of the operating system:

BUILD_FINGERPRINT= google/razor/MRA58K/3371000:user/release-keys
BUILD_DESCRIPTION= razor-user 6.0.1 MRA58K 3371000 release-keys
BUILD_SECURITY_PATCH_DATE= 2016-11-06
BUILD_VERSION_RELEASE_OR_CODENAME= Android 6.0.1 Marshmallow
PRODUCT_BRAND= google
PRODUCT_DEVICE= razor
PRODUCT_MODEL= Nexus 7
BUILD_TAGS= release-keys
BUILD_TYPE= user
BUILD_VERSION_RELEASE= 6.0.1
DEBUGGABLE= false
MANUFACTURER_NAME= Asus
PRODUCT_NAME= razor
1 Like
130

#Method1 worked for two devices:
Nexus 7 2013 and POCOPHONE F1.
If you have the same devices and it doesn’t work ensure you have uninstalled Magisk or other similar apps. When I had Magisk, then two banking app could not launch, it was detecting the device as unsafe. There is still one app that doesn’t work which is checking if the app was downloaded from the Play Store… how damn stupid!