privsec.dev/content/apps/Banking Applications compatibility with GraphheneOS.md

title	date	tags	author	canonicalURL	ShowCanonicalLink
Banking Applications Compatibility with GrapheneOS	2022-01-26	Applications Android	akc3n	https://akc3n.org/projects/banking/	true

This is a on-going Work In Progress project to collect crowd sourced usage information on banking apps and present it in a manner that is easily accessible for users to figure out if a banking app works on GrapheneOS.¹

Banking apps are a very problematic app for security and privacy focused OSes, or even alternative OSes, due to the app being incompatible with majority of hardening, having a hard dependency on Google Play services, or require passing SafetyNet ctsProfileMatch and basicIntegrity.²

GrapheneOS passes SafetyNet basicIntegrity, but it is not certified by Google so it does not pass ctsProfileMatch.³

GrapheneOS's usage guide on banking apps.

---

List of Banking Apps

Australia

• Bank Australia App - Report
• Bendigo Bank - Report
• CommBank - Report
• NAB Mobile Banking - Report
• Westpac - Report

Austria

• Bank Austria Mobile Banking - Report
• Mein ELBA-App - Report

Belgium

• ING Belgium - Report

Canada

• Affinity Credit Union - Report
• BMO Mobile Banking - Report
• RBC Mobile - Report
• Simplii Financial - Report
• Tangerine Mobile App - Report

Czech Republic

• AirBank - Report
• CREDITAS Banking - Report

Denmark

• Mobilbank DK – Danske Bank - Report
• MobilePay - Report
• NemID nøgleapp - Report

Finland

• S-mobiili - Report

France

• La Banque Postale - Report
• Ma Banque - Report

Germany

• Commerzbank Banking - Report
• Deutsche Bank Mobile - Report
• flatex next - Report
• ING Banking to go - Report
• Kontist - Report
• N26 — The Mobile Bank - Report
• Penta — Business Banking App - Report
• Sparkasse - Report
• Tomorrow Mobile Banking - Report
• Volksbanken Raiffeisenbanken - Report
• Volksbanken Raiffeisenbanken — Companion App - Report

Hungary

• UniCredit mBanking - Report

India

• YONO SBI - Report

Netherlands

• Rabobank - Report

Norway

• Vipps - Report

Poland

• IKO - Report

Romania

• BT Pay — Banca Transilvania - Report
• Raiffeisen Smart Mobile PI - Report

Serbia

• Moja mBanka Raiffeisen - Report

Sweden

• Avanza - Report
• BankID säkerhetsapp - Report
• Mobilbank SE — Danske Bank - Report
• Nordea Mobile — Sverige - Report
• Swedbank private - Report
• Swish payments - Report

Switzerland

• Credit Suisse - Report
• Raiffeisen E-Banking - #26

Taiwan

• Cathay United Bank - Report
• Chunghwa Post - Report
• CTBC Bank Home Bank -Report
• Taishin International Bank - Report

United Kingdom

• Amex United Kingdom - Report
• Barclaycard - Report
• Chase UK - Report
• HSBC UK Mobile Banking - Report
• Lloyds Bank Mobile Banking - Report
• Monzo Bank - Report
• NatWest Mobile Banking - Report
• Starling Bank - Mobile Banking - Report
• Virgin Money Mobile Banking - Report

United States

• Alliant Mobile Banking - Report
• BECU - Report
• Chase Mobile - Report
• Chime Mobile Banking - Report
• Citizens Bank Mobile - Report
• DCU Digital Banking - Report
• Discover Mobile - Report
• Fidelity Investments - Repor
• Fifth Third Mobile Banking - Report
• Grow Mobile Banking - Report
• GTE Mobile - Report
• GTE Cards (GTE Financial - Debit/Credit card management) - Report
• Schwab Mobile - Report
• Texan CU Mobile - Report
• USAA Mobile - Report
• U.S. Bank Mobile - Report
• Wells Fargo Mobile - Report

---

List of Submitted Banking Apps

Here you will find a current list of submitted Banking Apps that work on GrapheneOS via this projects issue-tracker.

Submit a Banking App

Report a banking app's compatibility on GrapheneOS

Please use this issue form to submit a report on the banking app that you use on GrapheneOS:

SUBMIT REPORT

Alternative Ways to Submit

For non-GitHub users that would like to contribute:

• Gist
• Screenshot
• Download Raw (Right Click → Save Link As)

curl -O https://gist.githubusercontent.com/akc3n/e845078ddbbb28ada0dd055c51ec45af/raw/63b2d2444bf0b9881c22c2a0514a1163116ec27f/issue-form.md

My Contact info for alternative method of submitting banking app report.

---

Notes

If you have any issues with what is listed on this site or about this project page, you may open an issue on this websites issue-tracker or contact me directly.

• GrapheneOS has a detailed guide for app developers on how to support GrapheneOS with the hardware attestation API. Direct use of the hardware attestation API provides much higher assurance than using SafetyNet so these apps have nothing to lose by using a more meaningful API and supporting a more secure OS.

GrapheneOS users are strongly encouraged to share this documentation with app developers enforcing only being able to use the stock OS. Send an email to the developers and leave a review of the app with a link to this information. Share it with other users and create pressure to support GrapheneOS rather than locking users into the stock OS without a valid security reason. GrapheneOS not only upholds the app security model but substantially reinforces it, so it cannot be justified with reasoning based on security, anti-fraud, etc.

Contributors

Thank you for collaborating on project and contributing:

• June - Commits
• JollyRoger - PR

---

1. twitter.com/ZanthedNT | nitter.eu ↩︎

2. twitter.com/ZanthedNT | nitter.eu ↩︎

3. GrapheneOS Banking apps - paras. 3, ln. 2 - twitter.com/ZanthedNT | nitter.eu ↩︎