Recently number of android apps started to complain about me having insecure device. I tracked it down to having android image having “test-keys” string in build properties.
I also have one app that still complains, it is “mObywatel”, a Polish Government app with electronic version of your documents.
I think 4.3 fixed some apps detecting SFOS as rooted, but some apps still complain about it being AOSP?
I also still have that issue with 4.4.0.58. Does it have to do with developer mode enabled? Or allowing 3rd party apps? Or being on EA? Any help would be much appreciated, as it seems, I am forced to use SecureGo by one of my banks somtime in summer.
Same with the Santander banking app hete in the UK. This used to work, but now doesn’t anymore on the latest SFOS 4.4.0.64. It complains the phone has been modified and is unsafe, by which I assume it means rooted.
When I asked the support of my government app, they said the app is blocked on non-official ROMs. This is their answer, not sure how they could possibly detect that.
SFOS is not rooted, the only thing apps can detect is that it is using AOSP and the bootloader is unlocked. And I think the bootloader is actually the problem.
Presumably if that is the case then the problem is not solvable? I’m sure I read somewhere that either you can’t relock the boot loader after installing Sailfish, or if you do Sailfish won’t work at all - can’t remember which.
It seems you can hide the fact bootloader is unlocked from apps with Magisk App. Worth a try.
Another thing is how the apps check that. If they use Google’s Safetynet, then you at least need to have MicroG, and hope that works. And that is also the app you would need to hide that from.
Ok, i see. This was new for me. I really hope i don’t run into apps that start nagging about the bootloader. The current signed Android has made banking etc possible for me.
App failures could be due to a number of problems; the app could check bootloader and if unlocked refuse to run or it could see if the device passes safetynet. With googles move to hw attestation nothing Jolla can do to pass that.
To date Jolla have concentrated their programming effort on the core OS and the ‘standard PIM’ productivity apps such as mail, messages, calendar, contacts, documents, browser, etc.
I think it is unlikely they will ever go beyond this brief.
As far as I am aware there are no commercial companies developing apps for Sailfish - the small user base for the OS probably wouldn’t make this commercially viable. There is no ‘paid apps’ store model either.
The majority of app development therefore comes from the voluntary community according to criteria like (a) what interests the individual app developer or what they themselves need, (b) what they think may be of widespread interest or use to other users, and (c) what they are actually able to do (e.g. some apps might be very difficult to develop because of closed APIs, licensing, etc).
I can’t see this position changing in the foreseeable future, so specialised native apps like banking apps for individual banks are unlikely I think.