Replies (20)

The link says, “The requirement goes into effect in Brazil, Indonesia, Singapore, and Thailand. At this point, any app installed on a certified device in these regions must be registered by a verified developer.” And then by 2027 they want it globally
PixelBob's avatar
PixelBob 10 months ago
I think "for certified devices" is the key there. If you unlock / de-certify / graphene should be OK. Problem is high trust apps like banking apps will immediately demand certified only
GrapheneOS isn't a Google certified OS and some banking apps already block running on operating systems that aren't. The Play Integrity API allows an app developer to do this.
roll_the_dice's avatar
roll_the_dice 10 months ago
Yet they will run in a web browser.. banks are so retarded with their security theatre
I’m guessing it’s similar to how Apple verifies apps you go to run that were downloaded outside of the App Store and it prompts to confirm you want to run it. Apple could easily do the same, where they block any app that isn’t signed. Sounds like Google is wanting to consolidate its power over Android a bit more and they’re doing so in the “it’s for your own good” bullshit
They are extremely likely to be using google play protect to do this which is part of the official play services so if you don't have that and already don't get messages from the play store when sideloading this won't effect you.
If play services is installed it already intercepts malware installations, they hook into the app installer. So starting 2026 they will just update that to check if its a licensed app or not.
I suspect that to but that doesnt solve the phone issue. At least degoogled android isn't effected. Degoogling on my deliberately older phone is getting harder though with the cert changes.
I'd say first see if the bank offers a hardware tokens to do banking trough a website. Mine has that and I use that. If not, thats plan B.
Not really, lineageos based stuff is compatible with way more phones and microg wont have this either. So people can also look at /e/ for example or many other degoogled options.