this post was submitted on 26 Dec 2025
11 points (100.0% liked)

Android

1020 readers
3 users here now

Android news for android developers. Everything that happens in android world.

For Android development specific topics please see /c/android_dev

The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License

founded 2 years ago
MODERATORS
erlingur@programming.dev
askat@programming.dev
Ategon@programming.dev
11
Does Android's SafetyNet actually make it safer for apps to run? (programming.dev)
submitted 1 day ago by voicesfromdeep@programming.dev to c/android@programming.dev
8 comments fedilink hide all child comments
 

I currently have a complaint at kifid (instititute for complaints against financial service providers in the Netherlands) against Revolut because it doesn't work on degoogled phones. They claim it makes it more secure. Can anybody point me to a study or expert opinion on the security benefits of safetynet and how it protects android phones?

My inkling about googled OEM phones is this:

  • many are old
  • many aren't receiving patches anymore
  • many receive security patches late (weeks or months)

And regarding degoogled phones:

  • they are more likely to get security patches more quickly
  • they are often maintained longer than OEM phones
  • certain ROMs like calyxos and grapheneos (to a certain degree eos) are actually more secure than stock OEMs due to either
    • security focus
    • faster security patches
    • being limited to relockable bootloaders

Revolut claims that allowing these ROMs (or similar ROMs) to run their application would reduce the security of the application. I'm not a security expert so it would be nice to find out if that really is true for android.

This was posted on mastodon and reddit for reach.

top 8 comments
sorted by: hot top controversial new old
[–] hendrik@palaver.p3x.de 3 points 1 day ago* (last edited 1 day ago)

The Wikipedia article has some criticism and references. Pretty sure it's there to give more power to Google. But it has "safety" in the name.

[–] lbfgs@programming.dev 2 points 1 day ago (1 children)

FWIW it works on grapheneos without google play services

[–] voicesfromdeep@programming.dev 1 points 1 day ago

A GrapheneOS developer (@springonion@mastodon.social) points out that it seems like that's due to Revolut using Play Integrity API incorrectly (from what I understand). If they were to update the app and actually use the result, it might lead to Revolut not working on GrapheneOS either.

With my complaint, I'd like to get Revolut to work on all degoogled phones and not have any risk of an update suddenly killing support.

[–] entwine@programming.dev 1 points 1 day ago

You may have better luck asking on the GrapheneOS forums

[–] SSUPII@sopuli.xyz 1 points 1 day ago (1 children)

The Reddit post has no body

[–] ArfArfWoof@feddit.org 1 points 1 day ago* (last edited 1 day ago) (1 children)

This was posted on (...) reddit for reach.

[ Removed by moderator ]

lmao

[–] SSUPII@sopuli.xyz 0 points 1 day ago (1 children)

Now it is. Before removal it was empty. Likely seen as spam.

[–] voicesfromdeep@programming.dev 1 points 1 day ago

It's not empty to the submitter (me).

Must be some reddit bug or it works that way by design.