I was thinking that maybe such idea could be applied on a Linux phone that could run all your banking apps without Waydroid's "you-must-be-a-hacker" issues, literally by having a half-asleep Android running on another chip, which you can wake up whenever to do your "non-hacker" things, while at the same time you can run the rest of your system (calls, messaging, calculator, calendar, browser...) on your lightweight, private and personalized Linux mobile OS.
I think I would pay big bucks for something like this, and it could serve as a transition device for ditching Android in the future when Tux finally governs over the world.
That already exists with waydroid. It's what people use on the Librem 5 and PinePhone to run linux apps. It would save much more battery if it were at OS level, but I assume that would be akin to merging Android and mobile linux distros and a lot more work.
Why do you have the impression that waydroid has a "you must be a hacker" issue?
Safetynet worked at some point, but it's proprietary tech that changes on a whim. Any other emulator or container will probably run into the same problem. Starting an entire new emulator with the purpose of circumventing safetynet or other proprietary attestation is an effort that could've gone into making it work on waydroid instead.
My understanding is the Google Integrity API is not the same as Google Play Protect:
The Play Integrity API helps you check that interactions and server requests are coming from your genuine app binary running on a genuine Android device
[...]
Determine whether Google Play Protect is turned on and whether it has found risky or dangerous apps installed on the device
Google Play Protect includes on-device capabilities that help keep devices and data safe. These on-device services integrate with cloud-based components that allow Google to push updates that constantly improve their functionality.
Because Play Protect works doesn't mean Integrity API will.
You need Google Play Certification to pass Play Integrity checks.
For Waydroid this is the only step you should need, unless you add Magisk.
Magisk breaks other checks.
I doubt it does, google would never approve that. Maybe if it would pretend to be an other, genuine device, but I'm not sure the devs want to deal with that
If I am not mistaken, not all apps run on Waydroid, specially banking stuff will freak out because they have systems to know that you are running on true, verified hardware or not.
I'm afraid banking apps cannot be solved. They already require you to install sketchy system mods if you have just rooted your genuine phone with the original OS
I mean, with this dualOS device it would be solved... And recognition of Linux mobile would increase, hopefully making banking apps look for other systems of "verification".
No, not that easily. Your phone could have 2 flash storages and do all the android stuff in there, with hardware TPM, A/B root, verified boot, rollback prevention, not rooted etc.
Ironically this is not even enforced by those shitty banking apps, GrapheneOS is way more secure and will probably be blocked by some apps soon, as they are not a "google certified OS", replacing the old SafetyNet.
I see now, you're partly right. But I don't think such a device would be "approved by google", the party who decides which device configurations are "trusted"