• Chewy
    link
    fedilink
    11
    edit-2
    9 months ago

    The banking apps I’ve tried don’t require SafetyNet, instead they use Android AOSP’s basicIntegrity. The latter doesn’t require certification by Google, but also checks whether the device is rooted and the bootloader is locked.

    This means custom ROM’s on most devices won’t pass basicIntegrity, as only Google Pixel, OnePlus and Fairphone allow for relocking the bootloader.

    • Max-P
      link
      fedilink
      79 months ago

      OnePlus no longer supports that as of ColorOS OxygenOS 12 unfortunately.

      • Chewy
        link
        fedilink
        1
        edit-2
        9 months ago

        That’s a bummer. Seems like Google Pixel and Fairphone are the only ones left. I don’t even know why manufacturers wouldn’t allow for relocking or even unlocking of their phones. I can’t imagine they make much money with user data and the phone is already paid for. Warranty claims shouldn’t be much of an issue either, as modifications can be easily detected and it’s likely not a relevant amount of people anyway.

        • @Spiralvortexisalie
          link
          English
          69 months ago

          As I understand it, the stated purpose is to prevent supply chain attacks and ultimately possible damage to their brand. In practice many of these same vendors ship their own spyware and do not want it removed.