Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yes, I understand many banking apps do work and from reports I have read online it even seems like a couple of the banking apps I use are among the good ones. What gives me pause is how fragile the situation is. Banking apps get "upgraded" all the time to include new security "features". Already I have had my main banking app refuse to work because I had accessibility features enabled for a different app, and subsequently refuse to work again because I had developer mode enabled. If my banking app works on GrapheneOS I am convinced it is because the bank has not gotten round to blocking it yet and it's only a matter of time, unfortunately.


If you want your bank to take the liability for any monetary losses from your account getting hacked (for example, through spyware using accessibility on Android), then you have to be OK with their requirements.

If you don't like their requirements, you need to take the liability yourself. You could use PayPal or a stablecoin to store your money.


Or root with Magisk and hide the developer mode from the offending app. Unfortunately it's always a cat and mouse game, so for some apps it's probably easiest to have a cheap, outdated (and by some metrics thus unsafe) device in a drawer at home.

Your money is far more at risk with scams and phishing than it is with whatever boogeyman spyware you may try to think of that does not exist in real life.


Spyware using accessibility on Android still makes Play Integrity valid.

We're in this funny situation where the hacked and outdated device is considered more "secure" by Google because Google controls it


There has to be a limit here. Blocking accessibility in the name of security is piece of shit behavior. That's uh, a technical term.

Banks have plenty of money. They don't need to be up your ass to keep liability down.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: