- No Root
- No Bootlocker unlock
- No Custom ROM
- Needs Google Play Service
- Needs to be installed via Google PLay Store
- Needs my phone number
- Needs that SIM in that phone
- Needs that SIM in that slot
- Needs location
- Works only via Mobile Data
- Developer options disabled
- Needs someother app to be uninstalled
- Disable VPN (Firewall apps use that)
So for bank stuff to need a seperate phone, other for whatsapp (and other spyware) and then your main thing. And when you go out people ask questions.
I don’t understand my apps are developed with their security dependent of the OS, why can’t they make secure apps
Because the priority is not making secure apps, the priority is not being responsible for security incidents. The lawyers at the company making shitty apps (e.g.: your bank) want to be able to say “We followed industry best practices, which is whatever Google said to do”.
That being said: root, unlocked bootloader, and custom ROMs can all be big security problems. But if your bank’s app will not work on GrapheneOS, your bank just sucks.
I have a degoogled phone (LineageOS) and I was able to get my banking apps working by isolating them in a work profile using Insular and also putting MicroG and Aurora Store in there. MicroG tricks the apps into thinking you are connected to Google Play Services. IMO its better than having a 2nd or 3rd phone.
It is hit or miss with app updates, I don’t mess with bank stuff breaking randomly
