I'm this close to visiting my "local" branch for all my banking.
I'm lucky my banking app works (GrapheneOS), as it's now requiring 2FA with the app anytime I login on the browser. Can't use an actually secure form like TOTP. At least they now allow passwords over 8 characters (yes, serious).
My bank is like that, and another horrible thing is that after you choose your password (which can be long and complex) you need to choose a 6-digit restore code in case you forget your password...
The app for my bank DNB (Norway) doesn't work on my LineageOS phone, but it works on my GrapheneOS phone.
I wonder if they've added the GrapheneOS keys, because it just suddenly started working a while ago, though it might be some GrapheneOS magic.
With the PNC bank I use, about 12 years ago, passwords used to be case insensitive, and they would allow ridiculously insecure passwords without complaining, like one123. I had a ridiculous password like that for a while because it was funny, then realized I'd be the one to pay for it.
I didn't try a rooted phone, but thankfully my banking app did work on my phone with custom ROM without SafetyNet.
But they do block some VPNs. I know it temporarily didn't work with ProtonVPN, though now it does again. They only told me that they allow VPNs which they consider secure, but for security purposes they won't reveal how those considerations are done.
How would that make it insecure, if they aren't just using pre-made IP blocklists?
Anyway, that was a painful experience.
Getting it to work after being connected to a VPN required de-activation and re-activation of the app. That's a fairly painful process since it uses OTP tokens generated by a card reader.
It does have a digital version, but that's less secure.
Banks do this because most people don’t know how to use technology and it’s a lot easier to get remote access and malware on your computer than your phone.
Even worse still: many online banking services require you to connect to Google, basically through the back end captcha system. You never have to solve the puzzle or click on traffic lights, but they do still associate you and your web browser with having an account with that bank.
However, you can also often use root with banking apps; you just have to set it up right. Configure Magisk to operate in the Zygisk domain with a deny list, and add the apps to that.
My credit union's web site looks like a MySpace page. They don't even offer freaking 2FA. Been meaning to transition to cash management account but such a PITA.
This is actually something I have spent a lot of time thinking about. In Sweden, where my boyfriend lives, their BankID app is ubiquitous, and there is very little cash handling going on, additionally the fees for actually going to the bank or subsidiary to pay your bills are exorbitant.
Everybody pays their bills online using "BankID", which is kinda nifty and works well enough if a single point of failure is your thingaling, but what if people simply choose not to get a phone, or don't want a computer, just basic like that, what if?
My former bank launched a sub-bank that was 100% outsourced. App and website only, no branches, no ATMs, no phone number, just some software and a card. I dumped them for a competent bank after 25 years with them.
My banking app doesn't check for Play Integrity but they do check for root. You can log in with a rooted device but you can't do any transactions or use fingerprint login. I think this is justified. Rooted devices are not secure. They also check for apps that use accessibility services and if they see that you have apps that use accessibility you have to use their slow af face recognition if you want to pay. This is annoying if you legitimately need them for accessibility reasons. They have no problems with GrapheneOS though so that's cool.
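The comment above describes an app that does not use Play Integrity but still checks for root and for enabled accessibility services, and then degrades functionality instead of refusing to run. The following is an added illustration of what such in-app heuristics typically look like on Android; it is not the code of any bank or of the commenters, and the class name, the `SU_PATHS` list and the `Mode` policy are my own assumptions. It also shows why the Magisk setup described earlier in the thread works against checks of this kind: Magisk's DenyList unmounts its overlay for processes on the list, so a file-existence check inside the app process simply sees no `su` binary, which is the gap that attestation-backed checks such as Play Integrity are meant to close.

```java
// Added example: in-app root and accessibility-service heuristics on Android.
// Not any bank's code; class name, path list and Mode policy are assumptions.
import android.accessibilityservice.AccessibilityServiceInfo;
import android.content.Context;
import android.os.Build;
import android.view.accessibility.AccessibilityManager;

import java.io.File;
import java.util.ArrayList;
import java.util.List;

public final class DeviceChecks {

    // Locations where a su binary is commonly installed (assumed list).
    // A process on Magisk's DenyList gets the overlay unmounted, so none of
    // these paths exist from that process's point of view.
    private static final String[] SU_PATHS = {
        "/system/bin/su", "/system/xbin/su", "/sbin/su",
        "/system/sbin/su", "/vendor/bin/su", "/su/bin/su"
    };

    /** su binaries visible to this process; an empty list means no file-based root indicator. */
    public static List<String> findSuBinaries() {
        List<String> found = new ArrayList<>();
        for (String p : SU_PATHS) {
            if (new File(p).exists()) {
                found.add(p);
            }
        }
        return found;
    }

    /** Weak heuristic: builds signed with the AOSP test keys report "test-keys" in Build.TAGS. */
    public static boolean builtWithTestKeys() {
        String tags = Build.TAGS;
        return tags != null && tags.contains("test-keys");
    }

    /** Ids ("package/service") of every accessibility service the user has enabled. */
    public static List<String> enabledAccessibilityServices(Context ctx) {
        List<String> ids = new ArrayList<>();
        AccessibilityManager am =
            (AccessibilityManager) ctx.getSystemService(Context.ACCESSIBILITY_SERVICE);
        if (am == null) {
            return ids;
        }
        for (AccessibilityServiceInfo info :
                am.getEnabledAccessibilityServiceList(AccessibilityServiceInfo.FEEDBACK_ALL_MASK)) {
            ids.add(info.getId());
        }
        return ids;
    }

    /** Assumed policy mirroring the thread: rooted devices can log in but not transact;
     *  accessibility services force a step-up check before paying. */
    public enum Mode { FULL, READ_ONLY, PAY_REQUIRES_FACE_CHECK }

    public static Mode decide(Context ctx) {
        boolean rootIndicator = !findSuBinaries().isEmpty() || builtWithTestKeys();
        if (rootIndicator) {
            return Mode.READ_ONLY;            // login allowed, transactions and biometrics off
        }
        if (!enabledAccessibilityServices(ctx).isEmpty()) {
            return Mode.PAY_REQUIRES_FACE_CHECK;
        }
        return Mode.FULL;
    }

    private DeviceChecks() {}
}
```

Two caveats a practitioner would add: the accessibility check cannot tell a screen reader from an overlay-based banking trojan, which is exactly the false-positive problem the commenter runs into, and none of these checks are evidence of anything beyond what the app's own process can observe, so a DenyList entry, a renamed `su`, or a hooked `File.exists` defeats them. A hardware-backed attestation (Play Integrity or a keystore attestation the server verifies) is the only check in this family that a rooted device cannot trivially lie to.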