For all the "My Banking Apps don't work", I'd raise one question:
Do you really need access to banking apps on the go? I get that it can be handy and maybe you legit do, but I'd wager most people don't really do. If you can pay by phone you can pay by card and the card has less potentially to weirdly break.
And if your bank demands a phone app to be used, you can always have a cheap stock android lying around at home. Can't get stolen or lost. Doesn't give big G any data on you, because that phone doesn't have anything but those apps.
But I also understand "just have a second phone" is not a tempting idea for many people. I am not much of a phone person, so I'm not a good case study, but it works fine for me.
I've never used a banking app on my phone, and I have no desire to. It's the least secure device I own (in spite of running Graphene). It's the most likely device to get lost or stolen.
I currently have accounts with 3 different banks in Belgium. They all offer an app which I ignore. Online banking works just fine, heck, better than fine, it's excellent. One bank uses auth derived from my debit card (which I have to insert into a card reader to sign transactions). The other two use hardware tokens. The hardware token for my business account has a built in camera which scans QR codes displayed by the website. When signing a payment, I scan the code and the token asks "Confirm payment of 123eur to XYZ?".
I cannot speak for every country but in the Netherlands, your banking app also serves as a 2FA instrument if you place orders with your credit card. A pop-up notification will ask you to confirm if you have indeed placed the order. While I will admit that it is possible to predict such use cases and take your phone along, it is becoming a bit difficult to predict what part of some account or service's login flow will require a confirmation with your device.
I'm pretty sure that's what your parent is describing.
In my case, I often spend multiple days at my parents' house. Now, I mostly don't order online, but sometimes something comes up and in that kind of situation, most merchants will have me go through the verification.
Since this doesn't happen frequently, I'm more likely than not to not have hauled my secondary phone, especially since I very much prefer traveling light. Now, could most of those occasional purchases not have waited for my return home? Eh... most probably could've. Doesn't make it less annoying, though, for no good reason.
Some people will suffer some inconvenience for something that they think is worth it and some people will do everything to no do anything because it is
too much trouble. Sometimes they are the same people but in regards to different areas. For example I would never grow my own carrots. What for? I can buy them. And my wife would never built self hosted media server. Why spend 5k$ on PC when you can just buy Netflix?
And there is 3 kind of people that do one of the above and go around in real life and online and tries to convince everyone that THE THING that they are doing is THE ONLY, TRUE SOLUTION. Like vegans or cyclists.
In reality none of this is true. If Graphene OS would tomorrow became, magically the only mobile OS in existence they would became next evil tech company in few years. Because power corrupts.
Mobile apps are how most people do banking these days, and it shows. In my experience banking apps are a lot more maintained and modern than classic online banking interfaces.
So you're not just sacrificing "on the go" banking, you are likely sacrificing use of the best interface your bank offers.
Sadly true, while not being a phone person, I have started using my home banking phone for tasks I used to do on my desktop. Still never leaves my office.
Also, most smartphones (especially GrapheneOS, iOS, Pixel, etc) are far more secure than desktops/laptops. So also from a security perspective it's better to do banking on a phone.
This has to be some fascinating regional difference, because my personal experiences suggest the opposite. Would you be willing to elaborate ( in general terms/locations if too sensitive )?
Some info in case someone is on the fence about this, and are living in the UK. I use Monzo, and that works perfectly on GrapheneOS.
If they ever stopped working, I would just CASS to another bank. A bank that has a posture that something like GrapheneOS is too insecure to use their app on is a bit of a red flag.
> Do you really need access to banking apps on the go?
Not strictly, no, but it's useful to be able to relatively-quickly check my balances (and possibly shuffle funds around between checking/savings and my credit-union-issued credit card). I could use my credit union's website for that, but it's faster to open the app and scan my thumb.
Thankfully, my credit union's app has no issues with GrapheneOS, aside from needing to enable “exploit protection compatibility mode” to keep it from crashing on startup.
Sorry but thats a statement thats just willfully ignorant.
Yes people need to have access to their financials when under way.
That can range for PushTans, CreditCard Confirmations, to checking their budgets, moving something from one account to another, topping up your Prepaid Card. Or just being able to Pay with a Card on your Phone when you forgot your Wallet.
Sure you could say I do not go out and do not need that but realistically this is just how the world works now.
Personally I would just love Apple to be forced by governments to open up their hardware by releasing complete documentation of their hardware and allowing to install another os or dual boot. iPhones hardware is really good and would love booting Linux on theses. And then force every services company to provide an API to their services so we have an alternative to their app. I guess Motorola partnering with GrapheneOS will not change anything in this space because contactless payments and some apps will not work and fundamentally because the sales will be way below mainstream brands like Apple/Samsung. Governments need to step up here.
I admire the de-Googled approach of GrapheneOS. As a lawyer, privacy concerns resonate with me too. I love the rebellious attitude of tech that presents an alternative choice in an overly duopolistic market.
That said, I wouldn't last 8.4 months like the author. Even though he admits to some Google app usage, I'm in too deep — I'd never be able to get out. But if I get the chance, I'd like to try it on a secondary phone. Those solid black icons are one reason. They look cool.
my take on this is to some advocates probably shocking. But I think you don't need to perfectly switch and never touch anything google again.
I personally just encourage people to take a look at what you are using, and if you could gradually change some of it. Who knows sometimes alternatives even offer better services. I am not saying never use anything google ever again. Just question your tools regularly and peruse the alternatives.
Not wanting to discourage you from trying Graphene, but the icons are probably not a good reason. Can always install an alternative launcher and icon pack on stock android.
Running Graphene for a long time now, everything works perfectly fine, but I don't do mobile banking.
TBH What I wanted from the world is AOSP distribution. Built similarly to GrapheneOS in terms of distribution, ease of install. But I just don't feel I need all these privacy enhancements and stuff, I'm perfectly fine with ordinary system compiled from Google sources with proper update schedule. Also I don't want to see anything installed out of the box, except maybe single app to install AOSP apps, F-Droid, Play Store, just APK from the given URL. So basically almost empty mobile OS which user fully customizes, no predefined choices, no custom patches.
it's very minimal ootb and has a better update schedule than 95% of oems (alas)
Any OEM right? Google is the fastest OEM with Pixel and GrapheneOS often rolls out patches earlier than Google (not bound by a monthly schedule + they do embargoed patches when you use the right branch).
I know very little about lineageos. Their website contains very few docs, so I don't really understand what's this project is about. They don't mention Pixel 10, so I guess it's not supported.
GrapheneOS website in comparison contains a lot of things to read, so after a hour of thorough reading I had good impression what GrapheneOS is.
Are the websites really that different? (i use iphone) I checked both homepages and impression I got is that Lineage is android that focuses on long term support (the name points that out) and Graphene is not android (ok?) and it's focused on security.
Your Pixel 10 is not in Lineage devices so i would also assume it's not supported. (maybe it's too new?)
I run a degoogled Samsung, keep all my banking apps in a work profile. Ive been seeing a lot of people have issues with Graphene and banking apps, but wouldn't the work profile function on there too? Could you install the Google Play Services on the work profile and run it separately to your main phone?
I personally would not put work profile on a phone intended for privacy. In other words, you likely can, but the question quickly becomes: why would you want to? It undermines its purpose.
While this is good news, the cynical in me is waiting for Motorola GrapheneOS, with the changes that make it actually relevant for normies, and then the whole idea goes the way of netbooks.
GrapheneOS had an estimated 400,000 users three months ago (based on update downloads) and the user base seems to be growing quite fast. I think for Motorola, potentially a few million users buying flagships for GrapheneOS are a very attractive market. So, I'm not cynical.
I’ve been using GrapheneOS for a couple of years now, and it’s been perfect for me. Contactless payments used to work fine, but then my bank switched to Google Wallet. Since then, I’ve just kept a physical card tucked behind my phone case so I can use it when needed.
so use a card? there is always something. breaking free is never going to be without ANY inconveniences, it's how they build their moat after all. okay so once those two work, one goes to the next thing on the list; "I wish I could switch but I can't use gboard on it and the swiping is 0.5% better than the stock keyboard so it's unusable to me"
(you can use gboard, that was just an example - but it's always these small inconveniences, just like in the chrome vs firefox threads)
In Europe contactless payment is nearly everywhere - nearly every store supports it. Even in Germany (which is historically very pro-cash), since Covid more and more people pay with card and many of whom pay contactless.
In the EU we have some rules that even contactless payments with card sometimes, but not always, need to have some kind of additional authentication in the form of entering your PIN. Contactless payment methods via phone or watch don't have this need because they already have their own authentication methods. That's why so many people pay with their phone or watch. Its just more convenient and always contactless. (no PIN needed)
How is it in the US? Are things like Apple Pay still limited to certain stores?
I live in Europe, I experienced many people paying with the phone/watches, it was never faster than tapping the bank card. Anyway PIN is required only for purchases over 20EUR.
In Europe? Debit cards. Hardly anyone uses a credit card in a supermarket.
If I'm going out I'll have both a debit card and cash in my wallet. Given that large scale outages of payment networks are no longer theoretical but to be expected, not carrying cash is just silly. Since I have a wallet in any case, I see no point in using contactless payments on a smartphone — I usually don't take it with me when getting groceries.
I have no idea if I can even do contactless phone payments on GrapheneOS, but since everything else works (including my bank's app), I don't care.
> In Europe? Debit cards. Hardly anyone uses a credit card in a supermarket.
Such sweeping statements are impossible for "Europe". It's a big place. Plenty of people use credit cards in supermarkets. But it's orthogonal to the discussion. A creditcard can be contactless or on a phone. Or on a watch.
That article lists some reasons why using a credit card doesn't make sense in most European countries. It's not a way to build up your credit score for one. As a Dutchman, the only way I can lower my credit score is by taking on debts (with the exception of a mortgage).
The US is a big place too. I am fairly comfortable in making the sweeping statement that credit cards are a thing used by many people there.
I think it's healthy for a population to not have as part of day-to-day life to pay with credit, effectively paying with money you might not actually have, going into debt. How many US citizens are crippled by credit card debt, and the interest on it?
You can pay with credit card as a convenience + fraud protection mechanism without ever paying interest by just paying your bill off every month.
When chip and pin was first rolled out, Europeans were shocked by the low security of swipe cards in the US. The reason that wasn’t an issue for Americans was (and still is) that credit cards have excellent fraud protections.
If someone steals my credit card, it is the bank’s problem, not mine.
The risk of paying by debit card on a regular basis is unfathomable to me, even with fancy tech to try to make it secure.
I wasn't suggesting individuals shouldn't be able to pay with credit. I have a credit card myself, which I use when I can't pay with debit. I was suggesting that for a population as a whole, having paying with credit being so commonplace leads to crippling debt issues, which as far as I can believe "the reports", is an issue in the US.
Your comment on the risk of paying with debit cards surprised me. I've never considered it a risk at all. It made me realize that perhaps here (in the Netherlands) we have consumer protection systems in place, in addition to the payment systems, that prevent any issues.
It's not about credit/debit, it's about phone/card. Americans tend to use "credit card" as a generic term for payment cards.
And yes, phone NFC payment is one of those technically unnecessary conveniences that's really easy to get used to. You probably already have your phone out or at least accessible in like one second, paying with it instead of pulling out your wallet and finding a card or even cash is just sooo nice. I hate that I've gotten this used to it.
That being said, you can still get NFC payment on a rooted or reflashed phone. Instead of Google Wallet, find a bank or card provider that has their own app. I use the Curve "proxy card" and it works fine.
In my case sliding my card out of my wallet is faster than unlocking my phone given the lack of consistency of the fingerprint reader of my google pixel when using my smartphone case (and I am too clumsy to use a smartphone without a case covering both sides, broke too many screenw already). Some people just leave the card on their smartphone case too.
I also see a lot of people struggling because they need to pay while being on a call or because their smartphone is just way too big to be handled comfortably with one hand given the size of their hands.
Wallet was one of the reasons I abandoned my well working lineageOS phone on a redmi note 10 as it was a cat and mouse game over month. I feel as long as a vendor does not support an os and Google is so hostile against modifications, it is not a good feeling that they can pull the rug at any time. I was multiple times in the situation when I wanted to pay with the phone and was in the end rejected. I think we need to take NFC wallets and esims away from phone/os vendors again. A seperate NFC enabled vendor independent trusted platform would be IMHO the way to go. Especially with ID wallets and universal bank wallets on the way in Europe. This that they cannot use security as a killer argument to keep us in their walled gardens. I know the solution is cards or a second phone, but affordance counts.
Contactless payments are often a problem, but adding a card for Uber (directly in the app) should work. I use it frequently, along with Grab, Bolt, Maxim, etc.
good writeup. I've been meaning to set this up for myself too. I keep uninstalling apps from my phone every other day because if I use something very little, I am afraid the app is collecting data from my usage in some way or the other.
I have a fairly new ish Pixel phone, do you think I'll be able to go back if I don't like it?
Similar to GrapheneOS, Google also has a web installer (linked from the above section). Just in case you didn't know - both installing GrapheneOS and recovering the stock OS will remove all data as well.
Yes, it's super simple to install GrapheneOS and to revert to the factory OS on Google Pixels. It is done from Chrome browser with phone connected via USB cable, no need to install anything. Of course when you'll switch, you'll lose all data on your phone, basically like factory reset (but esims survive I think).
Do you really need access to banking apps on the go? I get that it can be handy and maybe you legit do, but I'd wager most people don't really do. If you can pay by phone you can pay by card and the card has less potentially to weirdly break.
And if your bank demands a phone app to be used, you can always have a cheap stock android lying around at home. Can't get stolen or lost. Doesn't give big G any data on you, because that phone doesn't have anything but those apps.
But I also understand "just have a second phone" is not a tempting idea for many people. I am not much of a phone person, so I'm not a good case study, but it works fine for me.
I currently have accounts with 3 different banks in Belgium. They all offer an app which I ignore. Online banking works just fine, heck, better than fine, it's excellent. One bank uses auth derived from my debit card (which I have to insert into a card reader to sign transactions). The other two use hardware tokens. The hardware token for my business account has a built in camera which scans QR codes displayed by the website. When signing a payment, I scan the code and the token asks "Confirm payment of 123eur to XYZ?".
It's plenty convenient for my needs.
https://privsec.dev/posts/android/banking-applications-compa...
In my case, I often spend multiple days at my parents' house. Now, I mostly don't order online, but sometimes something comes up and in that kind of situation, most merchants will have me go through the verification.
Since this doesn't happen frequently, I'm more likely than not to not have hauled my secondary phone, especially since I very much prefer traveling light. Now, could most of those occasional purchases not have waited for my return home? Eh... most probably could've. Doesn't make it less annoying, though, for no good reason.
(Not saying that you claimed they didn't.)
And there is 3 kind of people that do one of the above and go around in real life and online and tries to convince everyone that THE THING that they are doing is THE ONLY, TRUE SOLUTION. Like vegans or cyclists.
In reality none of this is true. If Graphene OS would tomorrow became, magically the only mobile OS in existence they would became next evil tech company in few years. Because power corrupts.
Are you putting me in the third kind of people?
So you're not just sacrificing "on the go" banking, you are likely sacrificing use of the best interface your bank offers.
Yes, I do.
I've had a government app not working once and one of the devs actually showed up on the GrapheneOS forums and now it does.
If they ever stopped working, I would just CASS to another bank. A bank that has a posture that something like GrapheneOS is too insecure to use their app on is a bit of a red flag.
In my case it's also the 2FA for credit card usage (as I have the visa/mc via my bank), not only bank transfers.
Not strictly, no, but it's useful to be able to relatively-quickly check my balances (and possibly shuffle funds around between checking/savings and my credit-union-issued credit card). I could use my credit union's website for that, but it's faster to open the app and scan my thumb.
Thankfully, my credit union's app has no issues with GrapheneOS, aside from needing to enable “exploit protection compatibility mode” to keep it from crashing on startup.
Sure you could say I do not go out and do not need that but realistically this is just how the world works now.
Luckily it works well on GrapheneOS though.
That said, I wouldn't last 8.4 months like the author. Even though he admits to some Google app usage, I'm in too deep — I'd never be able to get out. But if I get the chance, I'd like to try it on a secondary phone. Those solid black icons are one reason. They look cool.
I personally just encourage people to take a look at what you are using, and if you could gradually change some of it. Who knows sometimes alternatives even offer better services. I am not saying never use anything google ever again. Just question your tools regularly and peruse the alternatives.
also you can restrict some apps network permissions, for example i use the google camera app with the network disabled :p
Running Graphene for a long time now, everything works perfectly fine, but I don't do mobile banking.
I also work in mobile app/SDK publishing as a business dev and it's critical that I can install my clients' apps (thousand+) in private space.
It works great for me.
it's very minimal ootb and has a better update schedule than 95% of oems (alas)
you can install google play store & services from the app store, and pretty much everything will just work as you might imagine
Any OEM right? Google is the fastest OEM with Pixel and GrapheneOS often rolls out patches earlier than Google (not bound by a monthly schedule + they do embargoed patches when you use the right branch).
I just found out today I can't call anymore due to 3G ending in my city
I'm keen for a Motorola Graphene and then just install Google services anyway. For me the value is being freed from manufacturers UI and software
GrapheneOS website in comparison contains a lot of things to read, so after a hour of thorough reading I had good impression what GrapheneOS is.
Your Pixel 10 is not in Lineage devices so i would also assume it's not supported. (maybe it's too new?)
(you can use gboard, that was just an example - but it's always these small inconveniences, just like in the chrome vs firefox threads)
In the EU we have some rules that even contactless payments with card sometimes, but not always, need to have some kind of additional authentication in the form of entering your PIN. Contactless payment methods via phone or watch don't have this need because they already have their own authentication methods. That's why so many people pay with their phone or watch. Its just more convenient and always contactless. (no PIN needed)
How is it in the US? Are things like Apple Pay still limited to certain stores?
If I'm going out I'll have both a debit card and cash in my wallet. Given that large scale outages of payment networks are no longer theoretical but to be expected, not carrying cash is just silly. Since I have a wallet in any case, I see no point in using contactless payments on a smartphone — I usually don't take it with me when getting groceries.
I have no idea if I can even do contactless phone payments on GrapheneOS, but since everything else works (including my bank's app), I don't care.
Such sweeping statements are impossible for "Europe". It's a big place. Plenty of people use credit cards in supermarkets. But it's orthogonal to the discussion. A creditcard can be contactless or on a phone. Or on a watch.
https://n26.com/en-eu/blog/taboo-of-credit
That article lists some reasons why using a credit card doesn't make sense in most European countries. It's not a way to build up your credit score for one. As a Dutchman, the only way I can lower my credit score is by taking on debts (with the exception of a mortgage).
The US is a big place too. I am fairly comfortable in making the sweeping statement that credit cards are a thing used by many people there.
When chip and pin was first rolled out, Europeans were shocked by the low security of swipe cards in the US. The reason that wasn’t an issue for Americans was (and still is) that credit cards have excellent fraud protections.
If someone steals my credit card, it is the bank’s problem, not mine.
The risk of paying by debit card on a regular basis is unfathomable to me, even with fancy tech to try to make it secure.
Your comment on the risk of paying with debit cards surprised me. I've never considered it a risk at all. It made me realize that perhaps here (in the Netherlands) we have consumer protection systems in place, in addition to the payment systems, that prevent any issues.
And yes, phone NFC payment is one of those technically unnecessary conveniences that's really easy to get used to. You probably already have your phone out or at least accessible in like one second, paying with it instead of pulling out your wallet and finding a card or even cash is just sooo nice. I hate that I've gotten this used to it.
That being said, you can still get NFC payment on a rooted or reflashed phone. Instead of Google Wallet, find a bank or card provider that has their own app. I use the Curve "proxy card" and it works fine.
I also see a lot of people struggling because they need to pay while being on a call or because their smartphone is just way too big to be handled comfortably with one hand given the size of their hands.
Uber couldn’t verify payment so I couldn’t take a ride when needed.
Google needs to whitelist graphene basically to work in the wallet app.
On that note, given that graphene is focused around security and privacy, perhaps not givng your payment data to google is probably a good thing
I have a fairly new ish Pixel phone, do you think I'll be able to go back if I don't like it?
Yeah, it is very easy, it's described here:
https://grapheneos.org/install/web#replacing-grapheneos-with...
Similar to GrapheneOS, Google also has a web installer (linked from the above section). Just in case you didn't know - both installing GrapheneOS and recovering the stock OS will remove all data as well.
Because when I had set it up, grapheneOS itself couldn’t install or set one up unless it was previously installed under the old OS.
So I had to set up my carrier and then install grapheneOS.
It can install eSIMs on its own now so this doesn’t matter other than confirming the eSIM carries over.
I’ve never reverted to stock android and I’m never looking back so idk if the eSIM survives the round trip.