GrapheneOS (@GrapheneOS@grapheneos.social)
grapheneos.social
Unfortunately, Revolut has banned GrapheneOS users from logging into the app because of an incorrectly implemented device integrity check based on the anti-competitive Play Integrity API. Our users need to put pressure on apps like this to get them to whitelist GrapheneOS.

Unfortunately, Revolut has banned GrapheneOS users from logging into the app because of an incorrectly implemented device integrity check based on the anti-competitive Play Integrity API. Our users need to put pressure on apps like this to get them to whitelist GrapheneOS.

How you can help solve it:

  1. Open a support request explaining they’ve incorrectly banned a secure operating system with a link to https://grapheneos.org/articles/attestation-compatibility-guide with how to fix it.2) Contact their management on LinkedIn and other platforms with the same thing.3) Play Store review.

We have a thread with more details on the highly anti-competitive Play Integrity API masquerading as a security feature here:

https://grapheneos.social/@GrapheneOS/112878067304840664

Play Integrity API forbids a far more secure OS than anything they allow but yet it permits devices with no patches for 8 years.

United States v. Google LLC (2020) recently found that Google’s Android partner system and therefore the Play Integrity API based on it is illegal.

We’re in active contact with the EU Commission about the Play Integrity API and are hopeful they’re going to do something about it.

Here are the Play Store pages where you can leave feedback:

https://play.google.com/store/apps/details?id=com.revolut.revoluthttps://play.google.com/store/apps/details?id=com.revolut.business

Ask them to use the Android key attestation API to perform attestation with the ability to permit GrapheneOS. We linked our guide on using it above and it works well.

Revolut is misleading users making support requests by falsely claiming there’s a compatibility issue with GrapheneOS. It’s not true. They’re banning using a non-Google-approved OS. If it was a compatibility issue with this widely used app, we’d have worked around it on our end.

In some of their responses, they claim they check for a Google-certified OS for security reasons. Can’t be true, because they’re permitting an OS which hasn’t received security patches for the past 8 years. They’re disallowing a much more secure OS than anything Google approved.

Banning a more secure operating system as part of implementing a fake security feature shows serious anti-security culture at RevolutApp. A company which deliberately permits a device with no patches for 8 years but not a hardened OS does not understand or care about security.

Can see it’s clearly because they’re banning GrapheneOS because they show an error at login about you using an OS they don’t support. It is not a compatibility issue. Meanwhile, they support every insecure OEM fork licensing Google apps no matter how long it hasn’t been patched.

  • BakedCatboy@lemmy.mlEnglish
    8·
    3 days ago

    Did my part and left a 1 star review. Although I’m on lineage I’m blocked as well. I plan on moving to graphene so this is not great to hear. I even switched banks because of these shenanigans.

  • isolatedscotch@discuss.tchncs.deEnglish
    31·
    2 days ago

    my banking app (not Revolut, but another of those online banks) has been doing this for a while, but the old version of the app worked just fine, until yesterday when they decided to brick it with an update app prompt.

    Fuck them, time to dust off frida and bypass all this shit. My phone, my choice

  • vrighter@discuss.tchncs.deEnglish
    31·
    2 days ago

    this sucks. I also lost access to my mobile banking app on a standard unrooted phone, because I use a custom open source keyboard, and KDE connect. Who made google an authority on all software. Whitelists don’t and can’t work in an open ecosystem.

  • Anna@lemmy.mlEnglish
    3·
    3 days ago

    This is not the only app in recent days more and more apps are implementing such things…

    I hope your EU bid works out.

  • deafboy@lemmy.worldEnglish
    3·
    3 days ago

    Thanks for the heads up.

    Email with my concerns and link to attestation api guide sent.

      • QuazarOmegaAEnglish
        2·
        2 days ago

        I don’t know if it’s just a case of poor phrasing or she actually believes MicroG to be an OS… Good that they replied at all, but I feel like this response is not coming from a technical person and she just forwarded some generic info.
        Hope that our push to support the platform does something in the long run

        • deafboy@lemmy.worldEnglish
          2·
          2 days ago

          I guess some people were asking about microg in the past, so they’ve just replied with the same template, adding graphene to the list.

          Hope that our push to support the platform does something in the long run

          Yup, I did not expect any kind of immediate reaction. But if we keep politely nagging the companies, somebody might mention the issue in front of a colleague capable of doing something to address it.

          To speculate a bit further, our bargaining position would be better if Graphene would offer it’s own phones through the standard channels. On the other hand, we remember the CyanogenOS and Copperhead fiasco…