Banking apps seem to be a motif among things that don’t play well with privacy ROMs. My bank’s website does everything I could want out of it. I think I might be ignorant to something.
- What about banking apps is especially compelling?
- How often do banks put must-have features behind an app?
- And should I be concerned that banks might move away from offering services through browsers?
Notifications and Mobile Deposit are the 2 features from banking apps that I find compelling.
Can’t do anything about mobile deposits, but for notifications, you could get the notifications emailed to you and your email app has push notifications.
I mean, they could offer it through the browser. All modern browsers have more than enough hooks and permissions control to do something as simple as take a couple pictures and make a basic request to a back end.
Though making nice things costs money, so…
Oh, of course they could do so, but they won’t do it because they want you to use their app. They want you to use their app because they control it and can mine data from it more so than on a web browser. Take Cime, for example. It has all kinds of Google trackers in it.
i worked on someone’s laptop recently that was set up for mobile deposits via web browser. they also had a bank-provided scanner, too, that worked with it. so it is possible, and it is being done.
Bold of you to assume my email app has push notifications
- A sad Proton user using a de-Googled device
Actually, I am in that exact same situation, so I know exactly what you’re talking about.
Depends on the bank and what kind of notifications you want.
Some banks only allow certain types of notifications to occur through the app.Yeah, that is a good point.
I wouldn’t want bank notifications emailed to me. Maybe a notification that I have a notification, but no real content. Email is incredibly insecure.
Yeah, that’s a good point. Although I don’t know of many banks that would send the actual notification through email, just a message that you have a notification.
It’s a must for me. My phone is my primary day-to-day computer, so I need to be able to so everything from that. Unfortunately that is also why I’m not using graphene OS, because our government 2FA system doesn’t work in graphene OS (even with play services installed) so it’s impossible to do anything. I can’t check anything WRT banking, schools, taxes, daycare, doctors appointments, hospital record or change anything that requires the involvement of city hall, including checking digital mail from the municipality or government. It’s basically not possible to function in our society without it.
Out of curiosity, what do older citizens do? Like those in their 80s? Many here do not have a smart phone or mobile.
For banking and other official business, they have to go physically. If their bank has no physical department near them well then it sucks to be them. For digital mail you can apply for exemption and you will get physical letters.
You can order a digital code generator so you don’t need the app if you still want 2FA for digital handling. But I don’t want to have to carry that with me it would be a significant inconvenience for me.
Wow, that is pretty hostile to the elderly.
I mean, it’s been 15+ years since smartphones hit the market as a regular device, so those people where only in their mid/late 60’s when that transition happened. And there are solutions in place for both digital access without smartphone and physical only access. I’m not sure I see how that is hostile to elderly or people that can’t/won’t use a smartphone or insist on physical access. Obviously physical access is going to be a hassle, that’s why it’s not the default anymore.
Go to the bank in person
Wow, that is pretty hostile to the elderly. Imagine those who struggle to get about? Excluding them from society.
My bank’s app has way less functionality than the web version, but it’s used as a second factor to auth some operations, so I have to use both.
Depends on the country. I’m teaching in Thailand and here you can’t do any banking through a browser. You can only use the bank’s official app and you don’t even have a login/password for it, you have to go to the bank and activate the app in person as a foreigner (I think Thai citizens can do it online but foreigners have to do it in person). Nobody takes actual cards for the payment and you pay everywhere by scanning QR codes which has to be done through the app. If you buy a new phone you have to activate the app again at the bank’s office. It’s really annoying and the reason I probably can’t go with GrapheneOS or any other custom roms because the bank app is absolutely essential.
Is using cash impossible in daily life instead? It is hard to imagine for me that a smartphone may be outright required for daily life…
It’s possible, just very inconvenient. You end up getting massive amounts of change that you have to lug around to spend.
Ah, nice to know. I personally consider this a fair tradeoff for freedom and lack of financial surveillance.
Oh yes this QR code bullshit drives me nuts back home too
I don’t like smartphone and won’t use apps for anything important.
Could you elaborate? What kind of phone do you have and do you use a free messaging application like Whatsapp?
i have an android for work and I just have the work stuff on it. personally I use google voice.
Mobile check deposit is the only thing I want from my bank’s app.
I’m running LineageOS with Magisk and Play Integrity Fix. That works for my bank’s app, but I’m annoyed that they make me do it and gave their app a 1-star review on Google Play for it.
Cashing checks and zelle are the big ones
Zelle is sketchy even when compared to other cash transfer apps. They do a lot of freezing people’s money. Don’t use them if you have any other option.
I use Zelle almost exclusively for my business and I have never had an issue with it.
Do you have some examples?
Same here, mobile check deposit and Zelle are literally the only things I’ve ever needed a bank app for.
I used to never use Zelle for anything but too many friends/family want to use some sort of app for exchanging money & that’s usually what we settle on. And my old landlord wanted rent paid via Zelle so that was another thing that forced me to install a bank app for Zelle purposes.
Mobile check deposit is a requirement when dealing with a bank without any locations nearby. In practice I only need to use that once a year or so, checks are kind of rare nowadays unless you’re a business owner with clients/customers paying with checks.
For some banks, like Ally, you don’t need the app to transact in Zelle. But yeah, I must have one for check-depositing.
Apparently US apps suck since our system is a dinosaur.
My bank’s 2FA works only via their app or via SMS. For SMS I would have to pay per each received SMS.
The app perfectly works without safetynet, with microG, rooted with magisk but hidden by zygisk, so I’m lucky. At one update they added a popup at start after login about asking to add my card to Google Wallet (or whatever it’s called nowadays), and it’s not implemented in MicroG, so I can’t open it since that version. I just downgraded to the last working version and blacklisted its upgrades in Aurora, and I hope they won’t block my old version in the near future.
It’s a very progressive small local bank, I will contact them about this issue if they block my old version to make that dialog optional.
Never used them and I likely never will
My bank doesn’t have a website and it makes me want to kill them.
It’s crazy that it’s even legal to only have an app
In Finland, extremely.
The banks here provide digital ID verification online. You use it to log into tax services, the national health-care database, to apply for schools, other education-related stuff, apply for welfare, register trade names… etc. The list goes on and on.
Stuff you’d otherwise have to personally visit or mail documents to offices of various government institutions for, can be done extremely smoothly online.
With my bank, the app is used for one of the verification steps. When verifying your identity online, you need to authorize the login from the app by entering a PIN from memory when prompted. There are alternatives but this is by far the most convenient.
The same banking app also notifies me the second any money comes into or leaves any of my accounts. No transactions can occur without my knowing. It lets me know when I receive my pay, or when an electronic invoice comes in (power, phone bills, etc. come right into the app), gets automatically paid, or when explicit authorization is needed due to one being irregular.
Most of the services my bank provides can be accessed via browser, but the stuff above is the kind you can’t achieve in a browser.
Honestly OP Pohjolas app is so feature-rich I’ve been able to pretty much set it up to run my finances for me. All I do is keep an eye on my accounts to make sure things are going right.
Can confirm. On top of all that, the app is way more intuitive to use than the website.
I remember when I got here it was a nightmare for the first few months when I didn’t have strong auth. It took several months to open a bank account and you basically can’t do anything without that stuff
Pretty much. Helping my grandmother deal with misplacing or forgetting her login details has been hell a couple times.
It’s extremely convenient when just go about your life with it already on hand, but for obvious reasons the security measures are extreme and it’s a pain to set up or recover your id.
2FA must be done through the damn app. It’s TOTP (six digit) but locked behind god knows what. I asked for alternatives and they looked me like I was a caveman.
That would tempt me to dump a backup with adb and rifle through the app data to find the seed
When they give you that QR code for the 2FA app, print it out and file it away. That is the seed.
I don’t use them. Web banking works completely fine for me. Back when I did use them, though, I always used them on privacy ROMs/GOS specifically. Went through 4 different banks and all their apps worked fine for me on GrapheneOS. No Google Play services either.
I’ve never used a banking app and I do quite a bit of business with multiple banks.