Why don't banks like root on Android? - eviltoast
  • Chewy@discuss.tchncs.de
    7 months ago

    The banking apps I’ve tried don’t require SafetyNet, instead they use Android AOSP’s basicIntegrity. The latter doesn’t require certification by Google, but also checks whether the device is rooted and the bootloader is locked.

    This means custom ROMs on most devices won’t pass basicIntegrity, as only Google Pixel, OnePlus and Fairphone allow for relocking the bootloader.

      • Chewy@discuss.tchncs.de
        7 months ago

        That’s a bummer. Seems like Google Pixel and Fairphone are the only ones left. I don’t even know why manufacturers wouldn’t allow for relocking or even unlocking of their phones. I can’t imagine they make much money with user data and the phone is already paid for. Warranty claims shouldn’t be much of an issue either, as modifications can be easily detected and it’s likely not a relevant amount of people anyway.

        • Spiralvortexisalie@lemmy.world
          7 months ago

          As I understand it, the stated purpose is to prevent supply chain attacks and ultimately possible damage to their brand. In practice many of these same vendors ship their own spyware and do not want it removed.