New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DH Denarnik #178
Comments
Since last update to v. 6.0.13 on 8th of September this app doesn't work anymore on GrapheneOS. It crashes everytime on start. |
Please try these possible work around solutions and let me know if it solves your issue: |
No luck. They do kinda security check initially as I understand it and it fails. The developer uses some third party blackbox componets (from Vipera). I've updated to 6.0.15 from 10. nov. that didn't fix it. |
All instant payments app by Bankart (i.e. NLB Pay, Flik, etc., they are one of the region's biggest banking solution providers) use the Vipera instant payments integration, and with the last update they're not supported anymore on GrapheneOS: I tried Flik, Denarnik and NLB Pay. I've contacted Bankart and they confirmed that with the upgrade stricter checks were implemented. So banking apps work, but instant payments apps from the same banks now crash. They all crash with the same message (can this be used to check for a workaround or something): Error in Flik Pay type: crash java.lang.RuntimeException: Unable to create application com.vipera.instantpayments.integration.ProtectedIPApplication: com.vipera.instantpayments.integration.MessageGuardException_RFA6IDc1OCAwNjc5IFsyMDIzMDgyNC0yMDIzMTAyMDA5MzYgYjc6YXJtNjQtdjhhIDM0IGdvb2dsZS9yYXZlbi9yYXZlbjoxNC9VUDFBLjIzMTEwNS4wMDMvMjAyMzExMTUwMDp1c2VyL3JlbGVhc2Uta2V5cyBibG9ja2VkXQ: DP: 758 0679 |
I also contacted bank several times, they said that they are in contact with developer, but basically they are just lying blatantly. Unofficially I found out that they know about the problem very well, but the number of affected users is so small, that they just don't care. However, this does not stop them from constant lying to customers that they are in contact with the developer and that they are working on a solution. I am really allergic to these approaches - why they just be open and say that they are sorry but cannot invest efforts to solve this? Anyway, the problem is, that GPlay is saying that I do not have WebView for Android installed. Which is logical, because GOS is using its own (and hardened!) webview. Now, the question. Would be a possible solution that GOS webview would be somehow reporting the expected version of Google's webviev? |
I know quite a few people also having problems with this stupid and pointless annoyance, perhaps we should write a common email, hopefully showing some numbers to them? |
I contacted one of Slovenian biggest bank (NLB) regarding that... They were really nice, promised they will contact developer. And then - silence. :) They they sent e-mail that we should talk about that on a phone (I guess because there is no electronic traces of that). I called the guy several times, and he is unavailable. So basically... they intend to do nothing, because those bas**, I mean bankers are interested only in their profits, and upgrading banking app will cost a money. A relatively small amount of money, but nevertheless. On the other side, they are damn liars too. They do not want to tell you the truth (something like: "we don't give a f* about you, Mr. Customer"), or they are lying and lying that they are doing "something". And they probably hope, that you will give up sooner or later. I am even not sure if they contacted developers at all. Or maybe they just briefly mentioned that some stupid customer wants something, but it is of course not gonna happen. You see, that is the real problem here. You can have very good, secure and open phone, but some big corporations will undermine it, because people will not be able to use their apps on that phone. And the problem is, I can not use internet payments with that bank, because banking app used for payment confirmation, does not work. For now I am using another bank, but sooner or later their app will stop working too. And the sweetest thing - they say it is for your protection and security. And if you try to explain them, they just don't listen. |
I got feedback from NLB, one of Slovenian biggest banks. I am pretty sure the other banks would provide similar response. They contacted their developers (experts), and they said they can not support GrapheneOS because of two reasons:
So basically, they say that GrapheneOS is not secure and they are not providing their banking apps for our own good. Of course, this is absolutely not true. But let's check the facts:
It would be possible to go public with this, but then the bank would say: "we contacted experts and their opinion is that GOS is not safe, so we are not supporting it". Then we could try to explain why that is not true, but the discussion will quickly become very technical and the public will loose interest in that. They will remember only the statement from the bank, that experts say GOS is not safe. We could also try to question the professionalism of those experts, but they are anonymous and the bank would say that they contacted several of them. So that is it. No banking apps on GOS. |
Is there an existing issue for this?
App name
DH Denarnik
Link to app
https://play.google.com/store/apps/details?id=si.delavskahranilnica.dhdenarnik
App version
v5.0.14
Country of the app
Slovenia
Build Number
TP1A.221005.002.2022110600
Device list
Pixel 6
Google Play installed
Google Play services Network permission revoked?
SafetyNet Enforcement
Native code debugging
Exploit protection compatibility mode
Stock OS compatibility
Profile app tested in
Description of the app's functionality
This is a wallet app of Delavska hranilnica d. d. Ljubljana that enables NFC card payments and instant payments via national schema. All functionalities of the app work just fine.
Are there any extra notes you think users should know about?
No response
ADB logcat of the app if necessary
No response
The text was updated successfully, but these errors were encountered: