Because some banks now require you to authenticate every payment (eg. online payments using your debit card) and every new recipient for bank transfers, using their phone app. The apps rely on the chain of trust that Google and Apple provide with their TPM or “secure enclave” chips to cryptographically authenticate that it is indeed the same device that the bank previously authorized.
Online banking via the website of these banks will still require at least one tap on the phone app to authorize any transfers that you make on the website.
Linux phones (and custom Android ROMs) don’t benefit from this same chain of trust, and so even if they have the secure chip in the hardware, the banking apps don’t have a convenient API to query it, so the banking apps just don’t work.
Banking fraud causes a serious amount of money lost to criminals each year so it’s not surprising that the banks want better ways of determining if a request is really coming from their customer('s device) and not a criminal who phished their online banking password.
This situation won’t change unless either Linux phones gain in popularity enough that the banks decide to port their apps to the platform or a law is passed saying that banks must support more than just Google and Apple (ie. custom roms etc.) at which point the work will be done to use the hardware attestation available in the phone on other software platforms.
I know several banks who’s apps don’t need Google Attestation. I would also not use a bank that forces an app as the main point of contact as my main one. A lot of banks around here offer a tan-device as an alternative. There’s also a lot of transport associations that offer nationally valid chip-cards.
I do see why it’s a problem, but I also don’t think that one should let such services dictate their choice of mobile device. I do know that I come from a privileged position, living in a country where I have options.
if you’re aware there are countries where the options you’re talking about dont exist, maybe you also get why some people are so hung up on these banking apps?
I do get it, and I could have phrased it differently. My point mostly is, it is often painted as an insurmountable problem for adoption, and while that might be true for a lot of users, there’s also a large number of user for who it isn’t.
Also, for me personally, I’d rather switch banks than use a phone with a stock rom, but I know most people don’t view things that way.
Because some banks now require you to authenticate every payment (eg. online payments using your debit card) and every new recipient for bank transfers, using their phone app. The apps rely on the chain of trust that Google and Apple provide with their TPM or “secure enclave” chips to cryptographically authenticate that it is indeed the same device that the bank previously authorized.
Online banking via the website of these banks will still require at least one tap on the phone app to authorize any transfers that you make on the website.
Linux phones (and custom Android ROMs) don’t benefit from this same chain of trust, and so even if they have the secure chip in the hardware, the banking apps don’t have a convenient API to query it, so the banking apps just don’t work.
Banking fraud causes a serious amount of money lost to criminals each year so it’s not surprising that the banks want better ways of determining if a request is really coming from their customer('s device) and not a criminal who phished their online banking password.
This situation won’t change unless either Linux phones gain in popularity enough that the banks decide to port their apps to the platform or a law is passed saying that banks must support more than just Google and Apple (ie. custom roms etc.) at which point the work will be done to use the hardware attestation available in the phone on other software platforms.
I know several banks who’s apps don’t need Google Attestation. I would also not use a bank that forces an app as the main point of contact as my main one. A lot of banks around here offer a tan-device as an alternative. There’s also a lot of transport associations that offer nationally valid chip-cards.
I do see why it’s a problem, but I also don’t think that one should let such services dictate their choice of mobile device. I do know that I come from a privileged position, living in a country where I have options.
if you’re aware there are countries where the options you’re talking about dont exist, maybe you also get why some people are so hung up on these banking apps?
I do get it, and I could have phrased it differently. My point mostly is, it is often painted as an insurmountable problem for adoption, and while that might be true for a lot of users, there’s also a large number of user for who it isn’t.
Also, for me personally, I’d rather switch banks than use a phone with a stock rom, but I know most people don’t view things that way.