Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone.

you are viewing a single comment's thread
view the rest of the comments

[–] Nyadia@lemmy.blahaj.zone 67 points 1 day ago (9 children)

I see this topic come up often in conversations about degoogled Android and it makes me wonder what if anything I'm missing out on by just using cash/card for payments, cause not once have I been at checkout and thought to myself "man, I wish I could do this with my phone instead" but people talk about this like it's almost a dealbreaker that makes it hard for them to seriously consider switching to Graphene or Lineage or whatever.

[–] MouldyCat@feddit.uk 1 points 2 hours ago

Unfortunately there is a significant security advantage in using Google Pay or Apple Pay which no one has yet mentioned. When you make a payment with chip-and-PIN using your physical card, your real card number is exposed to the merchant. The proprietary wallet services on the other hand use a device-specific token in place of the card number.

In practice, this means that if a retailer is compromised, there’s no usable card data to steal or clone, which removes a large class of fraud that still exists with physical cards.

[–] 20dogs@feddit.uk 3 points 5 hours ago (1 children)

My bank (Monzo) doesn't even offer an alternative way to interact or sign up except through the smartphone app.

[–] als@lemmy.blahaj.zone 3 points 3 hours ago

FWIW, Monzo works on Lineage OS with no gapps. I can't use google pay but I have a card for that.

[–] h_ramus@piefed.social 40 points 1 day ago (1 children)

In a lot of counties banks are becoming mobile first. Want to login in the browser? Authenticate with your mobile app to approve. Don't have a mobile phone with the requisites of the bank? Well, go to the branch, take a ticket, wait and then tell them what you want to do with your money. It's not just about paying, banks are moving online authentication to be dependent on Google or Apple, whatever poison you pick.

This seems like same shit different flies. Still dependent on some centralised approval which doesn't help openness and security. We need alternatives to the duopoly but this ain't it, chief.

[–] pishadoot@sh.itjust.works 1 points 14 hours ago (2 children)

I've never encountered what you're describing. There's always other ways to authenticate than through a mobile app, at least from my experience, and I think I've used about a dozen different banks/credit unions over the past 15 or so years. Last credit union I cut ties with had ZERO MFA for their web portal, except on account creation. Like, no SMS, no email, nothing - just user+pass, and making sure you have the right background picture of the login screen you picked on account generation (like, a duck or a football or whatever). Completely ridiculous in 2025 (when I cancelled my account).

Regarding the OP, I think any new competition in this space right now is good, even if it ends up just being a triopoly vs a duopoly (fat chance with this thing but we can hope).

Ideally though we need an open protocol/standard that can be implemented through any manner of device software.

[–] Pirate@feddit.org 3 points 7 hours ago* (last edited 7 hours ago) (1 children)

No offense but it sounds like you’re from the US, where banking is 20 years behind in comparison to Europe.

The other commenter is right, some banks are mandating 2FA using your phone even to log into web banking, so phone authentication is still required.

Also some EU countries have pretty much become cashless although it’s obviously still legal tender. Even some tiny village in the middle of Denmark has card readers.

[–] grue@lemmy.world 1 points 1 hour ago

If this shit is what "ahead" looks like, I'm happy being "behind."

[–] h_ramus@piefed.social 6 points 13 hours ago

Some countries are all-in on the digital transition and for a lot of things shops don't even accept cash anymore. Digital QR code transfers are preferred. Be thankful that the banks that you deal with haven't gone down this path.

2 factor TOTP exists and is secure enough for corporates to have adopted long time ago. Banks can adopt similar authentication methods but choose not to.

On the OP, not sure what the solution could be. However, going down this path seems flawed.

[–] newtraditionalists@kbin.melroy.org 13 points 1 day ago (1 children)

Right there with you. Access to my money relying on a device that needs to be charged is just stupid. I'm stranded somewhere, my phone runs out of battery, suddenly I have zero dollars. No thanks.

[–] Chewy7324@discuss.tchncs.de 3 points 1 day ago (1 children)

I keep a single bill in my phone case for emergencies (be it an actual emergency or I just want to eat at some place which only takes cash).

If my phone battery runs out I'm stranded anyway, since I can't call anyone or use my public transport ticket.

[–] newtraditionalists@kbin.melroy.org 6 points 1 day ago

Im truly struggling to understand what you mean. If your phone battery runs out, and you cant call anyone, do your legs and mouth suddenly stop working? Walk to a bus/train/transport station, use your words and pay for a trip home. obviously, if your money relies on the phone battery, yes you are truly stranded. But if you have a card or cash, you are not. It's quite simple. I guess you just have no imagination and can't fathom that people existed without phones or something? I'm asking in earnest, what do you mean?

[–] NewOldGuard@lemmy.ml 13 points 1 day ago

I agree, it’s a nice-to-have but it’s far from necessary. I like having the option as a backup in case I forget my wallet, but I’ll live without it

[–] puntinoblue@lemmy.ml 2 points 17 hours ago

I don’t use the phone that often as a debit /credit bank card but I use it for payments (bills invoices etc.), paying on line, transferring money to people and accounts, and just managing accounts. The phone app is very useful for those functions - especially if the alternative is going into a bank and queuing.

A phone OS that will not work with banking apps is not really a contemporary solution. iOS or Android are the only reliable options at the moment in the US/Europe - Iiuc Open Source Android has to sandbox Google Play for banking apps to work so that’s not viable long-term solution, as Google will only make that more difficult in the future.

Given the issues with the judges at ICC and US payment systems, building an alternative to Google and Apple is a high priority

[–] root@lemmy.world 5 points 21 hours ago

I agree, with the caveat that it's very nice to be able to pay with my phone/ watch if/when forget my wallet, rather than having to go back home to get it.

[–] Eyck_of_denesle@lemmy.zip 3 points 22 hours ago* (last edited 10 hours ago)

India primarily uses Phones to pay. And I'm sure there's a big community there that uses custom ROMs.

[–] JoeMontayna@lemmy.ml 2 points 21 hours ago

It's the hardware, and it feels like mobile in particular is intentionally designed to not be modular. I suspect that is by design to keep it under control of the big companies.