Banking apps seem to be a motif among things that don’t play well with privacy ROMs. My bank’s website does everything I could want out of it. I think I might be ignorant to something.
- What about banking apps is especially compelling?
- How often do banks put must-have features behind an app?
- And should I be concerned that banks might move away from offering services through browsers?
NFC payments
Works fine on lineage os
Notifications and Mobile Deposit are the 2 features from banking apps that I find compelling.
Can’t do anything about mobile deposits, but for notifications, you could get the notifications emailed to you and your email app has push notifications.
Bold of you to assume my email app has push notifications
- A sad Proton user using a de-Googled device
Actually, I am in that exact same situation, so I know exactly what you’re talking about.
I mean, they could offer it through the browser. All modern browsers have more than enough hooks and permissions control to do something as simple as take a couple pictures and make a basic request to a back end.
Though making nice things costs money, so…
Oh, of course they could do so, but they won’t do it because they want you to use their app. They want you to use their app because they control it and can mine data from it more so than on a web browser. Take Cime, for example. It has all kinds of Google trackers in it.
i worked on someone’s laptop recently that was set up for mobile deposits via web browser. they also had a bank-provided scanner, too, that worked with it. so it is possible, and it is being done.
I wouldn’t want bank notifications emailed to me. Maybe a notification that I have a notification, but no real content. Email is incredibly insecure.
Depends on the bank and what kind of notifications you want.
Some banks only allow certain types of notifications to occur through the app.Yeah, that is a good point.
They are important.
In need to use them on the go so it’s a must have.
I don’t run an OS on my phone or laptop that could run a proprietary banking app in the first place. Can’t be inconvenienced if you don’t know what convenience feels like in the first place.
I’ve never used a banking app and I do quite a bit of business with multiple banks.
2FA must be done through the damn app. It’s TOTP (six digit) but locked behind god knows what. I asked for alternatives and they looked me like I was a caveman.
When they give you that QR code for the 2FA app, print it out and file it away. That is the seed.
That would tempt me to dump a backup with adb and rifle through the app data to find the seed
most banks here require 2fa so theres that
and most block even it on custom roms
cant wait for this shit to be cracked already
The only time I’ve willingly used a banking app is when they lock out my VPN IP. In those cases the app still usually works for whatever reason. So far, I haven’t found any functionality missing from the webapp, but I’m also dealing with brick and mortar institutions.
I would be concerned as they will eventually probably move to a phone app first ecosystem, however it will probably take a while. Some people are still only using in person and phone banking (where you call them and punch in numbers).
I don’t use them and haven’t missed them. I see one of my local branches has ripped out its outdoor ATM’s though. Wonder if that’s related to moving stuff to apps.
Website here is awful. Paste is disabled, it’s not optimized for mobile, it’s a PitA to use, & there is literally code to check if the user is running Netscape Navigator 4. The site has a weird encoding that doesn’t allow English punctuation, & to change your email or phone number requires physical documents, ID, & a wait period. The app is poorly coded & doesn’t work if you have root, are running a custom ROM, (& likely if you don’t have Google services)—so I do just use the site. …But if we are being real, I actually always keep cash on me & cash is preferred so while the problem is still relevant, needing the app/site isn’t dire.
What is really missing for my country on the site is QR code scanning for bank-to-bank transfers that a lot of vendors use & to do some bill payment. For instance, while I could set up the electric bill to auto-debit, my internet bill only has QR scan without a physical bank number I could transfer to (& the short list of utilities doesn’t include my net)—so I take a 25-minute bike ride in the heat once a month to pay that bill but I reward myself by getting to swing by the nearby-ish Hong Kong pie bakery to get a treat & a latte to make out-of-the-way trip feel worth it.
When I do have to use the site & since there is no QR code scanning, the workflow is:
- Login (I have a script to block their paste-blocker to use my password manager)
- Create a new recipient which requires a unique name, the account number + their banking service provider, phone or email, and 12-digit SMS 2FA code (no TOTP or FIDO2 option); this process is done on a desktop-only site which is hard to work with
- Confirm that with email
- Go to transfers, select my from account (despite me only having one account & no default preference option), find that user I created, fill in an amount, do another 12-digit 2FA
- Then they want to take a picture of my phone after the transfer for whatever reason reason
This process due to bad UX can take up to 10 minutes if they are not ready. So the tl;dr is to carry cash or hope an ATM is nearby.
I had discussed it with a local & he said there has been more push towards cashless brought on by businesses/government wanting to track everything & tourists demanding their privacy-invasive ‘comforts’ like $BIG_TECH_PAY & $CREDIT_CARD options despite most folks being fine with cash. Cryptocurrency is basically never accepted either.
If the day comes where I don’t have a choice, I will start carrying a second device with nothing but banking & similar nonsense that prevents my freedom to do what I want with the device I own. OP knows the website experience matter since it not only gets ported to platforms outside the mobile monopoly but sandboxes the banks for spying on your device & asking questions that aren’t their business like if I run an unGoogled ROM. Good thing there was a mass of pushback against Google trying to add attestestion to Chromium ore we’d enjoy the same nonsense on the web too where I’m sure Linux would be block by these goobers.
Cashing checks and zelle are the big ones
Zelle is sketchy even when compared to other cash transfer apps. They do a lot of freezing people’s money. Don’t use them if you have any other option.
I use Zelle almost exclusively for my business and I have never had an issue with it.
Do you have some examples?
Same here, mobile check deposit and Zelle are literally the only things I’ve ever needed a bank app for.
I used to never use Zelle for anything but too many friends/family want to use some sort of app for exchanging money & that’s usually what we settle on. And my old landlord wanted rent paid via Zelle so that was another thing that forced me to install a bank app for Zelle purposes.
Mobile check deposit is a requirement when dealing with a bank without any locations nearby. In practice I only need to use that once a year or so, checks are kind of rare nowadays unless you’re a business owner with clients/customers paying with checks.
Depositing checks is about the only useful thing I’ve seen on my local bank’s app, but that only matters if you do business stuff with people who pay with checks.
My bank’s 2FA works only via their app or via SMS. For SMS I would have to pay per each received SMS.
The app perfectly works without safetynet, with microG, rooted with magisk but hidden by zygisk, so I’m lucky. At one update they added a popup at start after login about asking to add my card to Google Wallet (or whatever it’s called nowadays), and it’s not implemented in MicroG, so I can’t open it since that version. I just downgraded to the last working version and blacklisted its upgrades in Aurora, and I hope they won’t block my old version in the near future.
It’s a very progressive small local bank, I will contact them about this issue if they block my old version to make that dialog optional.
I’ve never used a mobile banking app. Been using smartphones since they became generally available. I don’t need any payment apps and I generally don’t do anything important on my cellphone except for communications.
My bank only has an app, no website option, but luckily it works just fine on GrapheneOS with no Google Play. I barely use it anyway as I pay cash everywhere possible
