Unable to set lock pin for Android apps requiring it

Passkeys are fundamentally flawed. All it does on top of a half-decent password manager is that the client software promises a few things. There are no enforcement mechanisms at all, i.e. only one factor is actually authenticated. From a security or even general developer perspective, that’s completely insane to advertise as a feature, let alone call 2FA.

So this only furthers the argument that there is a strong correlation between silly apps and enforcing lockscreen password.

I’m not a fan of passkeys either, unfortunately some organizations are enforcing their usage (as my university, since today) without alternative.

1 Like

The German automobile club ADAC has changed banks for its Visa card. It is now Solaris Bank. When paying with the ADAC Visa, the purchase must now be confirmed online or in the app. However, this app also requires an Android PIN…

1 Like

We should create a list of affected apps (and the number of downloads according to Google Play, as a measuring stick for their prominence):

ADAC Kreditkarte (100,000+ downloads)
Danske ID - Danske Bank (500,000+ downloads)
Eurail/Interrail Rail Planner (1 million+ downloads)
Microsoft Authenticator (100 million+ downloads)
SMARTBROKER+ Aktien & ETF (50,000+ downloads)

I will gladly update this list with further entries, just tell me which apps are affected (or if they no longer are). :grinning:

Danske ID works if you use an old version (1.6.2) with Aurora Store. If you choose the “Manual Download” option and put in 1690000023, then you’ll get 1.6.2.

1 Like

Yes, I’ve seen your post in the Banking app thread, but it is highly questionable if Danske Bank will allow the usage of older versions down the line, that’s why I am keeping it on the list. It’s of course good that there is this workaround for the time being, however being able to use the latest version is obviously the better scenario.

Microsoft Authenticator

1 Like

Eurail/Interrail Rail Planner (1 million+ downloads) is another app that requires a lock pin in order to add a Eurail/Interrail Mobile Pass.

2 Likes

Source?
I’m getting no Google results for that requirement, and I have no issues.
Beyond that, it seems exceedingly stupid of them since everything even remotely sensitive is behind BankID anyway.

Swish was reported to me via DM by @jlangenbach. Is there or is there not a lock pin requirement?

In 2023 I was not able to start the Swish app because of this error. I currently have no Sailfish device (waiting for the official 10V image), so I cannot confirm that it is the same with the current version, but I cannot imagine that the requirement has been dropped.

I’m using Swish 5.17.1, which is from 2024 without any such issues.
Barring the XA2 gap between old AlienDalvik and AAS, and a particularly silly BankID version, I have had continued access to both since the beginning.

I can imagine that quite easily when they remembered everything is behind BankID.

The latest version is 6.0.0, are you able to update to it and tell me if the lock pin requirement remains absent?

Not interested in gambling :slight_smile:
These shitty apps can break if you look at them wrong.
…but having been removed after some arbitrary 2023 version sounds promising.

Edit: and on a secondary phone I had lying around, it installs and starts without complaints - I obviously didn’t enroll.

Okay, I’ll remove it then from the list for the time being. If anyone else uses Swish betalningar 6.0.0 and can give me a thumbs up, I would appreciate it. @attah Yes, I’ve also installed the app (temporarily) on my XA2 and it runs fine, at least until the “type in the number you are using with BankID” page, which I can’t provide as a non-user.

I’m on Swish 6.0 and no lock pin. There hasn’t been a lock pin at least since I started using Swish on my X10III in June 2022.

3 Likes

Alright, thank you very much.

I’m actually a bit afraid that this chat, and others like it, will get those fuckers started and give us exactly that kind of trouble.

As I understand the situation, they are actively trying to force us into the surveillance booth.
Maybe I’m overly paranoid, but recent experiences tell me that I’m on the truth.

The most recent thing is that Swedish state TV (STV) is telling us to stop using SMS. Instead they want us to use ‘end to end encrypted message services’… that really got my clock ticking.

This comes from an EU-affiliated state apparatus that has passed one surveillance law after another over the past 10 years (read chat control, and more).
Please use your brain and draw your own conclusion, preferably uninfluenced by state propaganda.

1 Like

Is there any public discussion of this ‘Task’? Given no development was started, is it correct to assume technical and/or ideological bottlenecks were found?

In general there is no or not much employee interference on this platform; no feedback doesn’t necessarily mean that the task has been discarded or that it is impossible to implement. Generally, it boils down to sparse resources within the organisation, and higher priorities elsewhere, e.g. refining the SFOS adaption for the Jolla C2 and making SFOS 5 ready for distribution across older phones, which surely takes up most developer man-hours currently.