Paying without Google: New consortium wants to remove custom ROM hurdles
www.heise.de
Using banking and payment apps on Android smartphones with custom ROMs is a problem: A European industry consortium now wants to change that.

Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone.

  • Captain Beyond@linkage.ds8.zone
    551·
    24 hours ago

    GrapheneOS is critical of this initiative here and I think their criticism has merit. This simply moves the gatekeeper from Google to a handful of OEM’s who won’t let you use anything other than their blessed OS’s.

    • Delascas@feddit.ukEnglish
      314·
      23 hours ago

      Has the GrapheneOS team ever, once, been supportive of ANY other custom ROM initiative? I ask this as someone with both a GOS Pixel10 and a FairPhone 6 running /e/ on my desk this week.

      For as good as their security approach is, their constant shit talking of others also making efforts to free us from big tech helps no-one.

      Oh the irony of using the phrase “blessed OS’s” coming from the GOS camp.

      • Captain Beyond@linkage.ds8.zone
        4·
        6 hours ago

        I wouldn’t characterize myself as “the GOS camp” (I use LineageOS) I just happen to agree with them sometimes, and this is one of those times.

        I do imagine this response is to some degree influenced by their beef with /e/ (an OS I don’t have a high opinion of either, but for other reasons). It just seems to me that people see “not google” and think it’s a good thing, but a gatekeeper determining which OS you are allowed to use with what apps is fundamentally a bad idea even if it’s not google.

      • 20dogs@feddit.ukEnglish
        6·
        11 hours ago

        One or more neutral organizations could exist certifying devices and operating systems without providing a centralized API. Those organizations could simply provide signed releases with the roots of trust, revoked keys and operating system key fingerprints. Apps could use multiple different certifying organizations. This is already something Android’s hardware attestation API fully supports today.

        Then why doesn’t GrapheneOS offer that alternative to banks etc

        • potustheplant@feddit.nl
          1·
          2 hours ago

          Because you can’t unilaterally just save credit card information and use it for payments. Your bank has to support and approve the app/service.