Where I bank is sensitive information. It has value, most especially to debt collectors, hackers, and adversaries. Hackers would love to have that info not necessarily to attack the acct but to write a convincing ransom demand. Google ties downloads to identities. The app can only be exclusively jailed in a walled garden if the source code is secret (and it is).
@resist1984 I'm a big fan of credit unions, myself.
@wswartzendruber credit unions are a big bump up in trustworthiness, but even US CUs are jailing their closed-source apps in #Google's untrustworthy #Playstore, so Google knows where you bank, as well as any insiders happy to sell that data.
@wswartzendruber Regarding EU banks, they are much more of a gestapo as far as keeping your place of residency on file. So I could envision them using the location tracking to check consistency. They would probably use an ATM locator service as a cover story for why the app needs your location.
@wswartzendruber These ppl cannot do gratis money transfers, and they must either pay a fee for mailed statements or they must make a trip to their bank once a month.
@wswartzendruber And if you think you can get the app from some dodgy APK downloader and run it in a sandboxed Android VM, the answer is no. Some (if not all) bank apps are very good at detecting whether they are running on a VM, and the app refuses to launch.
@wswartzendruber And what about innovation? When the app is proprietary closed source, I can't add features. I can't code it to automatically grab my statement, sync with my ledger, and file it where I want it, and I can't port that code to my other banks.
@resist1984 @wswartzendruber Or they use a home banking programm on their computer via HBCI. I don't remember having paid a single "transfer fee" in the 25 years using it that way.
So why not finally abandon the idea of that "mobile banking app"? There are FOSS solutions like Hibiscus you could use on your Laptop (if you insist on movable) or PC. Even using a live CD with Tails.
@IzzyOnDroid @wswartzendruber I'm talking about the banks that are 100% phone access only. There is no web UI anymore, and no HBCI. In Germany your reality is different than the rest of the world. HBCI is German; it hasn't even crossed the boarder into Belgium.
@wswartzendruber @IzzyOnDroid And since forced proprietary mobile phone apps have proven successful for banks, they have little incentive to start offering HBCI as proprietary apps are more profitable.
@resist1984 @wswartzendruber companies want HBCI, they don't do their banking via apps. So that's their incentive here.
@IzzyOnDroid @wswartzendruber then theoretically companies all over Europe would go to German banks to get that benefit, but banking across EU borders is usually blocked. I tried to open an acct in Germany and was turned away by the bank, who said "you don't live here and you don't work here, so no".
@wswartzendruber @IzzyOnDroid I also saw a post from a homeless German who was being refused a bank account, which he said he was legally required to have, because he could not prove his address.
@resist1984 @wswartzendruber @IzzyOnDroid The Postbank has been or still is the address for bank accounts for hopefully everyone, by law.
@resist1984 @wswartzendruber Another method to ensure you use a phoñe app is to proprietize MFA.
@wswartzendruber Some European banks have started closing down web access to force customers to use their proprietary app exclusively from Playstore, which means customers without GSM service or who are unwilling to share their phone number with Google are denied online access to their account.