Banking apps seem to be a motif among things that donât play well with privacy ROMs. My bankâs website does everything I could want out of it. I think I might be ignorant to something.
- What about banking apps is especially compelling?
- How often do banks put must-have features behind an app?
- And should I be concerned that banks might move away from offering services through browsers?
Website here is awful. Paste is disabled, itâs not optimized for mobile, itâs a PitA to use, & there is literally code to check if the user is running Netscape Navigator 4. The site has a weird encoding that doesnât allow English punctuation, & to change your email or phone number requires physical documents, ID, & a wait period. The app is poorly coded & doesnât work if you have root, are running a custom ROM, (& likely if you donât have Google services)âso I do just use the site. âŚBut if we are being real, I actually always keep cash on me & cash is preferred so while the problem is still relevant, needing the app/site isnât dire.
What is really missing for my country on the site is QR code scanning for bank-to-bank transfers that a lot of vendors use & to do some bill payment. For instance, while I could set up the electric bill to auto-debit, my internet bill only has QR scan without a physical bank number I could transfer to (& the short list of utilities doesnât include my net)âso I take a 25-minute bike ride in the heat once a month to pay that bill but I reward myself by getting to swing by the nearby-ish Hong Kong pie bakery to get a treat & a latte to make out-of-the-way trip feel worth it.
When I do have to use the site & since there is no QR code scanning, the workflow is:
- Login (I have a script to block their paste-blocker to use my password manager)
- Create a new recipient which requires a unique name, the account number + their banking service provider, phone or email, and 12-digit SMS 2FA code (no TOTP or FIDO2 option); this process is done on a desktop-only site which is hard to work with
- Confirm that with email
- Go to transfers, select my from account (despite me only having one account & no default preference option), find that user I created, fill in an amount, do another 12-digit 2FA
- Then they want to take a picture of my phone after the transfer for whatever reason reason
This process due to bad UX can take up to 10 minutes if they are not ready. So the tl;dr is to carry cash or hope an ATM is nearby.
I had discussed it with a local & he said there has been more push towards cashless brought on by businesses/government wanting to track everything & tourists demanding their privacy-invasive âcomfortsâ like $BIG_TECH_PAY & $CREDIT_CARD options despite most folks being fine with cash. Cryptocurrency is basically never accepted either.
If the day comes where I donât have a choice, I will start carrying a second device with nothing but banking & similar nonsense that prevents my freedom to do what I want with the device I own. OP knows the website experience matter since it not only gets ported to platforms outside the mobile monopoly but sandboxes the banks for spying on your device & asking questions that arenât their business like if I run an unGoogled ROM. Good thing there was a mass of pushback against Google trying to add attestestion to Chromium ore weâd enjoy the same nonsense on the web too where Iâm sure Linux would be block by these goobers.
- 2FA
- Some banks I use require I aprove transactions on my phone when I am paying this online
- One bank I use has tap to pay on the app instead of relying on Google Wallet
most banks here require 2fa so theres that
and most block even it on custom roms
cant wait for this shit to be cracked already
My bank only has an app, no website option, but luckily it works just fine on GrapheneOS with no Google Play. I barely use it anyway as I pay cash everywhere possible
My bank doesnât have a website and it makes me want to kill them.
Itâs crazy that itâs even legal to only have an app
