A query on Graphene OS for moving from iOS

Hey Folks,

I am an iphone user and I am planning to migrate to Graphene OS once the Pixel 10s launch. I am pretty sure I am not going to miss much of iOS but there is one feature that I like about iOS regarding installing apps.

When you install and open a new app, if the app requests your location or contacts and you deny that permission, the app can’t force you to give permission and has to open anyway without those permissions.

I my mom’s samsung phone, if i deny location or camera or say contacts, the app refuses to open after installation until it gets those permissions.

I don’t know what that feature in Apple is called but does Graphene OS have any option to restrict permissions while installing and use them anyways.

The reason i am asking is that some banking apps keep asking for location on android and just won’t work without the setting enabled. Is there any workaround for such apps in GrapheneOS?

As far as I understand, if an app refuses to function without select permission, there’s nothing the operating system can do about it.

But you should still be able to download and install the app.

But you can also install the apps in another profile compartmentalizing your workspaces for different purposes or for different apps if any are too privacy invasive. Alternatively, always bank on the web via your computer if you can manage to live without the app itself.

2 Likes

Depends on the app. If I really needed a proprietary app, I would isolate it by installing in a separate profile via Aurora Store. If the app needs Google Play Services, then I would install it, but for some apps I’ve been able to deny the network permission and it was enough for the app to function.

2 Likes

What you are describing is simply App Store policy. I’m fairly sure a similar policy exists on the Play Store but it may be poorly enforced / have exceptions.

Some permissions in GOS have scopes versions which from my understanding trick the app into thinking it has full permission when it actually doesn’t and is being restricted instead. I’ve enabled this for photos/files for certain apps, I don’t know if that would be a workaround but it’s an idea.

2 Likes

You can enable contact scopes, which will only allow the app to access contacts you allow it to see (none if you want to).

1 Like

The implementation is beyond poor. There are some apps that simply close if you deny location and contacts.

Is that a GOS feature or a separate app that can control this functionality.

So the scopes feature works for location access too? My banking apps need my location for some weird reason.

graphene os adding location scopes should be a thing haha

1 Like

This is a GrapheneOS feature, see usage guide

No it doesn’t. Although I believe it’s possible to spoof your location with third-party apps. Your bank usually need it on signup for verification, but it shouldn’t need it after.

I never experienced any apps for which both is true, usually it’s only location (Google Maps obv.) or contacts (Whatshapp), but not both.

I wouldn’t use any app that require both, seems not trustworthy.

1 Like

Although the data could obviously be abused, the official and not completely unreasonable justification I have seen for banking apps asking for location access is so they can correlate this with use of your bank cards in physical locations to block suspicious activity. If your phone is in Dubai, the chances are that an attempt to use your card in a shop in Tokyo an hour later is fraudulent and they will want to block it.

Card PINs exist for this reason. There is no reason they need your location.

This should be opt-in. Revolut has this but only for cash withdrawals, and is opt-in.

Plus banks should allow you to block payments outside your country or at least outside your continent. They should also let you disable contactless payments. If they don’t, screw them they aren’t a reliable bank.

1 Like

I agree. I try to avoid banking apps when I can but I think so far the ones I have chosen to use (in their own profile or on a separate device) haven’t forced me to allow location access. I just wanted to point out that there is some genuine use for location by a banking app - how much they force it and what an individual user is willing to accept is a different matter, of course.

Where are you based in ? In Europe this isn’t frequent

Sorry, I’d rather not answer that. I’ll take your word for it about where it does and doesn’t happen. But where it does happen, while I don’t like the idea of being forced and there is always the potential for abuse, I can see at least one end-user benefit to the bank app knowing your location among all the downsides. I didn’t want to make a stronger point than that.

Sorry I misread, great they haven’t forced you to enable location access