
All in the name of reliability and security supposedly. For example not being able to use banking apps on a rooted phone… yet I can use them on my perfectly secure regular computer where I have full root/admin access.



> can use them on my perfectly secure regular computer where I have full root/admin access.

yooooooo shhhhhh

Don't give them any ideas :(

Also it's not like insane security ideas around banking access compliance are unprecedented, see e.g. South Korea's insane Internet Explorer deal (transitively caused by US's ITAR on encryption)

https://en.m.wikipedia.org/wiki/Web_compatibility_issues_in_...


Brazil once had a similar problem. Banks used to force users to install these obnoxious "security plugins" into their browsers. One day I got fed up with the inexplicable slowdown they were causing and decided to see what they were doing. Turned out they were intercepting every network connection.

There is no limit whatsoever to what a bank feels is justified in doing when it comes to preventing fraud, money laundering or whatever else that impacts their bottom line. They literally believe they are entitled to any and all access.


Can you confirm transactions there, though?

Many banks in the EU require a smartphone for that at this point (or a dedicated authentication device).

But instead of using actually secure technologies like Android’s protected confirmation (which couldn’t care less about running on a rooted phone, as it runs in a trusted HW enclave), they usually just settle for (often very spoofable) “root detection”. It’s quite sad.


Banking apps are usually huge data collectors (scanning installed apps for example) that invade privacy instead of giving proclaimed security.


I can; it is done over text, so if you have Apple devices, you can confirm on any of the devices. Technically it is routing through the phone though.


My bank will let me make deposits from my phone, but not from my computer. A few months ago, the phone app tightened its Play Integrity usage, and will now no longer run on the phone it had previously happily run on.


In the name of security, my workplace just enabled a policy that forces me to let them monitor my location 24/7 via Microsoft Defender.

Needless to say, I am happy I have a second work phone I keep disconnected from WiFi while not working.


just use the web site?



