I just got a message on my app forcing me to agree to let the app look at when I scroll and scan what apps I have on my phone, in the name of “preventing hackers” which kinda sucks. Any banks that actually respect your privacy in Australia? or does anyone have tips to make banking more private?
Yes I know graphene-os has sandboxing, no I’m not buying a new phone.
You must log in or # to comment.
What bank asks for those permissions? Just so I know to avoid them.
Commonwealth bank
Uh oh thats who I’m with. I’m using GrapheneOS so should be fine. Maybe I’ll transfer the app to a separate profile just in case. Thanks for heads up.
I prefer browser(web)-based banking apps which work well on a phone UI without the info-access creep.
UBank (NAB subsidary) and Wise (not a bank) both support passkeys for login in the browser. Most other banks here seem to have regressed from hardware tokens to SMS codes or proprietary apps for their MFA.
Passkeys are only as secure as your passkeys – I use Bitwarden with master password re-prompt checked for bank credentials, but I should probably switch to a hardware based passkey (at least for unlocking Bitwarden itself).
The phone apps are sometimes required to do some things (like managing passkeys for UBank, verifying ID in Wise). They work on LineageOS without the google stuff, but might be worth installing only temporarily in a separate profile or phone.
Retail payments – just use a physical card if you’re not using cash.
Not Australia here but I use Native Alpha to create a webapp version of things that I dont want the invasive apps of but that have good browser options, like my bank.
That seams pretty cool, thanks.
I have ANZ here in NZ and can use them in AU as well. The only permission I allow them is notifications.
For westpac I just login on a browser on my phone, so no app downloaded
Probably a security issue tho, since you only need the phone password to get in, since the browser saves the password. So thats a risk, so maybe don’t do what I do lmao
That only happens if you let it, I chose “never” and use biwarden to back fill user/password
ING works fine with no permissions.Actually, if you hit those 3 dots on the top right and select “All Permissions”, you’ll see there’s a whole host of things it demands that you can’t opt out of.
I stand corrected, thanks.
As you can see, I too have made a “least bad” choice for pragmatic reasons.
I take no pride in correcting you.
