Update: Not sure what exactly happened, but I was now able to create a profile without using NFC nor camera during the profile create wizard. This is what my bank replied to me, but that’s not what the instructions say… Confused a little, but evidently I can use the new POP Pankki (which includes POP Avain now) just fine!
5 Likes
Hi Sailors,
Would anyone with a Jolla C2 be willing to test a banking application for me, please? I just need to know if it will launch and stay open on a device without an unlocked bootloader. I have been using the app on my Xperia 10 III for 3 years without issue, but a recent security update caused it to immediately close with a message that translates to “Your device is insecure or doesn’t comply with the security requirements necessary to use it, so we are closing the app”. I am eagerly awaiting my new Jolla phone (Batch #3) and I am curious if this important app will work on my new device. I don’t know if it is detecting the unlocked bootloader or something else, but I assume a C2 will have a locked bootloader and/or be more similar than my Xperia 10 III in several important aspects. If it works on a C2, it gives me some hope it will work on the new Jolla Phone.
You can install it from the Aurora store by searching for “Pichincha”. The full name is PICHINCHA BANCA MÓVIL from Banco Pichincha, C.A and is named com.yellowpepper.pichincha. The logo is yellow and has the word ECUADOR in the bottom left. It is very important to choose the Ecuadorian app and not the related apps from Peru, Spain, etc, so please check the country name in the bottom left of the logo carefully. If the app stays open after a few seconds and has visible fields, then it should be perfectly fine, but if it closes with a Spanish-language message at the bottom right, then it won’t work and I will likely have the same problem with the Jolla phone that I do now with my Xperia 10 III.
Kiitos, Gracias, and Thank you very much to any kind soul willing to lend a hand!
-PK
Thank you so much for taking the time to test that on your C2. That was very kind of you, and I sincerely appreciate it!!! The message at the bottom of your screenshot indicates that it detected that the device doesn’t comply with the security requirements and it is being closed intentionally. So, it’s not really crashing, per se, but it is essentially the same end result.
This is exactly what happens on my Xperia 10 III, and, based on your test, is 99% likely to do the same thing on my new Jolla phone when it arrives. I had my fingers and toes crossed, but alas it was not to be. It’s a real shame because I know that AppSupport runs the application perfectly. I used it successfully for 6 years on various SF phones. It’s just that the app was recently updated to put in some kind of additional security check and is detecting something on the Sailfish device it doesn’t like. At least I know now that it won’t work on my new Jolla phone either and I can keep my expectations in check. I am grateful to you for that knowledge and will update the wiki.
Because of the way things work down here, that app is critical for me to pay my bills and most of my day to day purchases. Nevertheless, Sailfish is and will remain my daily driver for strong philosophical reasons. I’ve installed the app on a cheap android phone with no sim card that I only use for that purpose. I use my regular SFOS phone for everything else. It’s not convenient, but I’d rather deal with that annoyance than give up the privacy and freedom and joy that using Sailfish gives me every single day.
Thanks again!!! Much appreciated!
PK
6 Likes
Does that app not have some sort of website you can visit?
1 Like
Yes, there is a web version of the app where you can do everything via browser that the application can do. Unfortunately, though, to complete the login to the website, you have to generate a token using the Android application. This is the bank’s mandatory 2FA mechanism and sadly they don’t offer an alternative such as SMS text, phone call or anything else.
Maybe J2 will need an update with an OpenTitan chip.
1 Like
I can’t currently look the source, but Rainemak has mentioned in some thread I once found that AAS side don’t have any information about phone bootloader status. It is faked somehow inside the AAS. Can also be that bank just decided to use the Google safetynet or some s*it. I would contact the bank! But super happy that you keep fighting for your right and deal with the annoyance rather than switch over
Are there any other bank apps in your area that you can test SFOS on the XIII in the meantime? If they work maybe just consider switching to that bank that works..
That is very interesting - I did not know that. It’s hard to say what it is detecting, and I don’t know if they’ll give me the details on what they changed… but it can’t hurt to contact them and ask. Thanks for the suggestion. Yes, indeed - a minor inconvenience is not worth going back to the evil duopoly. I will keep using and supporting Sailfish 100% and hope it remains viable for many years to come. 
2 Likes
As it happens, I already have an account at another bank, and their app works perfectly on Sailfish under AppSupport. I’m so ideologically committed to SFOS that I honestly would change banks if that would fix the problem. Unfortunately, doing that is only a viable solution for paying regular bills but not for day-to-day purchases. In this country, only the biggest shops in bigger cities accept debit/credit cards. In my small town, the shops, restaurants, taxis, etc, will only accept cash or payments through this specific bank’s app. The reason is that most people in this area use that specific bank, and payments from one customer to another are instantaneous. You can make a payment from another bank, of course, but it takes from 3 hours to 3 days for the payment to arrive in the other person or business’s account. So, while using my other bank’s app would be fine to pay my electricity bill, for instance, if I need to pick up a couple of cans of paint at the hardware store, or take a taxi somewhere, or have lunch in a local restaurant, it wouldn’t be practical for the business to take my payment since neither of us could realistically wait up to 3 days for the confirmation. It also would make things awkward or inconvenient for things like sending my mechanic money to buy parts for vehicle repair or paying a contractor for some work at the house.
It’s OK, though. That cheap little Android phone with the app sits on my desk where I can power it on once or twice a month and take care of all my monthly bills, then shut it off. No big deal. When I go out, though, I have to plan ahead, but it’s not too hard. Either I take my second phone and share my mobile hotspot from my SF phone, or remember take enough cash with me for whatever I need. Worst case, I can always stop at an ATM and widthdraw some cash with my card. Obviously, this isn’t ideal. I’d rather use the app from my main SFOS phone like I did for the past 6 years, but putting up with this inconvenience is well worth it to me to remain a daily Sailfish user. For absolutely every other thing, Sailfish does a wonderful job and gives me a secure and private mobile experience and a real alternative to the Apple/Google duopoly. I feel good pushing back against big tech in this way and the slick and practical SFOS interface is honestly a real pleasure to use. And who knows, maybe I’ll figure out another solution in time. I can deal with this minor irritation for now. ¡Que viva Sailfish!
3 Likes
They might react, you never know! One thing that I now thinked about, did they start to require android 14 or newer?
I opened a ticket with support and emailed customer service, so I will find out soon. Fingers crossed and they will respond. As far as the Android version, that’s a good thought! In this case, my Android phone that I am currently using for this app is running Android 11 and working fine, so it should be OK with Android 13 AAS on Sailfish devices. It’s detecting SOMETHING security related since the update, it’s just not clear what it is from the generic security message.
1 Like
I don’t know how, but would you get better error message, if you launch it via terminal?
