this post was submitted on 16 Mar 2026
740 points (98.8% liked)

Open Source

45438 readers
949 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 6 years ago
MODERATORS
Cloak@lemmy.ml
kevincox@lemmy.ml
CrypticCoffee@lemmy.ml
Lettuceeatlettuce@lemmy.ml
740
Paying without Google: New consortium wants to remove custom ROM hurdles creating an open source alternative to Google Play Integrity (www.heise.de)
submitted 1 day ago by Argyle13@lemmy.world to c/opensource@lemmy.ml
59 comments fedilink hide all child comments
 

Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone.

you are viewing a single comment's thread
view the rest of the comments
[–] pishadoot@sh.itjust.works 1 points 14 hours ago (2 children)

I've never encountered what you're describing. There's always other ways to authenticate than through a mobile app, at least from my experience, and I think I've used about a dozen different banks/credit unions over the past 15 or so years. Last credit union I cut ties with had ZERO MFA for their web portal, except on account creation. Like, no SMS, no email, nothing - just user+pass, and making sure you have the right background picture of the login screen you picked on account generation (like, a duck or a football or whatever). Completely ridiculous in 2025 (when I cancelled my account).

Regarding the OP, I think any new competition in this space right now is good, even if it ends up just being a triopoly vs a duopoly (fat chance with this thing but we can hope).

Ideally though we need an open protocol/standard that can be implemented through any manner of device software.

[–] Pirate@feddit.org 3 points 7 hours ago* (last edited 7 hours ago) (1 children)

No offense but it sounds like you’re from the US, where banking is 20 years behind in comparison to Europe.

The other commenter is right, some banks are mandating 2FA using your phone even to log into web banking, so phone authentication is still required.

Also some EU countries have pretty much become cashless although it’s obviously still legal tender. Even some tiny village in the middle of Denmark has card readers.

[–] grue@lemmy.world 1 points 1 hour ago

If this shit is what "ahead" looks like, I'm happy being "behind."

[–] h_ramus@piefed.social 6 points 13 hours ago

Some countries are all-in on the digital transition and for a lot of things shops don't even accept cash anymore. Digital QR code transfers are preferred. Be thankful that the banks that you deal with haven't gone down this path.

2 factor TOTP exists and is secure enough for corporates to have adopted long time ago. Banks can adopt similar authentication methods but choose not to.

On the OP, not sure what the solution could be. However, going down this path seems flawed.