Revolut used to play very well with custom operating system, Now the way they changed the Play Integrity API you will no longer be able to login.
My advice is fortunately the same as GrapheneOS’s x.com
Maybe don’t take it as far as management but anything if it means a little and if it means you will should go a long way to show Revolut that we care…
Shoutout to @PrivacyFounder On the other site, this is what appears when you try to login:
I know that if you wanted private payments. Revolut and others Are not the way to go at all but I thought I’d be nice to point out in this ever evolving world and maybe we can make a change on apps like them that do these kind of practices where they do things like take away people’s ability to login because of Play Intergrity API when you could before. It’s all about Digital Rights here
Yes while older versions will work an I am in one. The fact alone that revolut does this says alot. And trust me long term this isn’t a viable method. This has happened to me where After many versions that I haven’t updated. Revolut will force you to update anyway at some point.
Well this is not Revolut’s first time afaik, I think it might have something to do with the SDK?
What user (customers) should do is to report to Revolut CS as it cannot be solved by GOS, if it is SDK issue then Revolut will push another update shortly to “fix” that.
could you please help: where we could find it? In Aurora Store I can’t see any previous version available.
I’m not so sure to user APK Pure or APK mirror
Companies like these should be held responsible. The fact that they did not create the offending anti-competitive Play Integrity API doesn’t mean their use of it isn’t anti-competitive in and of itself.
I genuinely believe they are doing this for security. Like they also have done things like PIN scrambling, etc.
So maybe it is up to the security team, and not top-down.
It’s not using auditor, it uses the standard hardware attestation API which is part of AOSP. GrapheneOS recommends referring apps which implement Play Integrity to the previously linked attestation compatibility guide. The hardware attestation API provides much more robust security guarantees than the Play Integrity API. Source.
The Play Integrity API provides no security guarantees when it accepts devices which haven’t received security patches in 8 years, but not GrapheneOS, which offers unrivaled security. Source.
I think we (and even GrapheneOS team) are missing the corporate point of view: There are billions of Android phones out there, with and without Original OS, and their App needs to support them while maintining security.
If Google claims they are “secured” by using their APIs, you bet they will do it instead of handling the phones case by case.
They can´t hold GrapheneOS responisble in case something goes wrong with their security model, but they can for Google.
No, Google accepts no liability for use of their API, that wouldn’t make any sense. What these companies are doing by using the Play Integrity API in this way is blatantly illegal under anti-trust law.
I think my point still stands. They would understandably follow Google guide lines / recommendations over GrapheneOS.
I still think “illegal” is not the correct term. No one is forcing the Apps to use Google APIs instead of something else. They are doing simply what they think is “best practice” specially for a financial insitution.