Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone.
Furthermore, a peer review process is planned, through which the consortium members will mutually check and certify their operating systems and smartphone or tablet models. “This is intended to create transparency and replace trust with traceability.”
Still doesn’t sound very open.
I should be able to tell my bank to only trust devices running an OS signed by the grapheneos key, and more importantly I should be able to tell them to trust an OS signed by my key.
Edit: I don’t mean to shit on this too hard. It might be the best next step.
It is kinda insane though that we’ve had public/private keys since the internet started walking and somehow we end up with all these over-complicated or pointless ways to use them.
Decentralized systems are more difficult to understand, and also inconvenient.
Also, very hard to monetize.
Therefore, capitalism converts the issue into walled garden approach. Easy for rubes to use, nobody bats an eye.
I think it’s cool trying to figure out a way to do this without google, but it still won’t solve the fact that credit card payments aren’t private and are linked to your identity. As always cash is the way to go.
Also if you are still going to have a credit card (I mean fare I have one too) why not just use a physical card rather than paying on your phone?
I agree it would be good to have third party integrity checks to not require Google Services etc. as part of the chain.
In GrapheneOS, many Google Play integrity check pass, but payments still do not work. You are notified when an app uses the integrity API, but probably only because they have spent a bunch of work sandboxing Play Services. This is what you see when you look at those details:
I guess the obvious problem is that so many apps rely on Google Services, such as for payments, opening the store, checking for integrity etc. On stock android, you can’t pick and choose these services separately or use third party ones, unlike using a third party keyboard, for example. Everything is one big proprietary, data guzzling lump.
Honestly if there was an alternate and functional phone/OS/app store that early adopters who are a little technical can embrace, it would be the #1 platform in under 5 years. People in the know are chomping at the bit to get away from these big monopolzed platforms, and once it gains steam and polish, people will flock to it.
This works be fantastic and I might actually switch at that point.
This is a fantastic initiative.
