Yeah, SIM swaps are a concern too.
Comment on Google's shocking developer decree struggles to justify the urgent threat to F-Droid
pycorax@sh.itjust.works 5 days agoI’m not sure how it works the way where you live but where I live, the way the banking apps are implemented completely violate MFA. They rely on SMS verification which is absurd since if you’re phone is already compromised, no doubt your SMSes are too. There’s no true multi-device authentication in place and this has led to a huge number of victims being scammed after their devices get compromised by a phishing attack.
Regrettable_incident@lemmy.world 5 days ago
Auli@lemmy.ca 5 days ago
The phone is not insecure because of all eggs on basket.
DreamlandLividity@lemmy.world 5 days ago
Well, yes. But then again, I would trust my GrapheneOS phone not getting compromised over 3 linux devices.
pycorax@sh.itjust.works 4 days ago
I mean sure, but that’s not the case for the majority of the user base of these banking apps. Is it the most secure? No but it’s way better than it is right now.
DreamlandLividity@lemmy.world 4 days ago
So what is the case for most users? Are normal android phones getting compromised often enough it is an issue?