151

Third party keyboards no longer accepted by HSBC's banking app.

posted
by
Avatar
HereIAm@lemmy.world
in
Avatar
android@lemmy.world
39 comments
hidereport

In a recent update to the HSBC app they’ve added a screen to prevent you from using the app unless you use the default (google) keyboard.

They do a similar thing if you have an accessibility service running that can access the screens content. A fair enough security warning if you’ve happened to install a dodgy keyboard app, but highly frustrating when using an open source alternative that enhances the security and privacy over the default option (HeliBoard in my case).

I haven’t found a way to circumvent the page yet. It would be useful if Android allowed you to block the permission to query all packages, but alas.

Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments
Avatar
Admiral Patrick@dubvee.org
61 points

If my bank’s app ever forces me to choose between my keyboard of preference and their app, it’s their app that’s getting uninstalled.

permalink
report
reply
Avatar
jet@hackertalks.com
14 points

I think it’s a great option to warn people about. Or even force switching of the keyboard for that one app. But it shouldn’t require you to set a system sitting.

permalink
report
parent
reply
Avatar
Hellinabucket@lemmy.world
2 points

My back pops up with a warning but than just let’s be carry on my way

permalink
report
parent
reply
Avatar
pastermil@sh.itjust.works
6 points

The thing is, they’re one of the biggest banks in the eastern hemisphere.

permalink
report
parent
reply
Avatar
Admiral Patrick@dubvee.org
18 points

Be that as it may, apps must work for me and never the other way around.

permalink
report
parent
reply
Avatar
lka1988@sh.itjust.works
4 points

Bingo. I will happily go out of my way to modify things, and if the methods provided to hide root/bootloader ststu from any particular app don’t work, then that app gets uninstalled.

permalink
report
parent
reply
Avatar
lowleveldata@programming.dev
5 points

I might get a device dedicated to banking only if it comes to that

permalink
report
parent
reply
Avatar
dutchkimble@lemy.lol
1 point

Don’t worry, you can just use your browser instead of their app

permalink
report
parent
reply
Avatar
ccunning@lemmy.world
4 points

Have the security risks associated with third party keyboards been mitigated somehow? I made the decision not to use them years ago and have never revisited it.

permalink
report
parent
reply
Avatar
HereIAm@lemmy.worldOP
5 points

Of course there will always be some risk. But HeliBoard and some other keyboard apps are open source and can be audited. I’d trust (I know, you should do your own homework) the more popular ones have a lot of eyes in them.

permalink
report
parent
reply
Avatar
Dizzy Devil Ducky@lemm.ee
2 points

As someone who doesn’t have the time, skill, or knowledge to audit open source projects, I agree on the trusting more popular open source keyboards (and by extension popular open source projects in general).

permalink
report
parent
reply
Avatar
GlenRambo@jlai.lu
1 point

Fist party keyboards have the exact same permissions. The code is hidden though and noone can audit it.

permalink
report
parent
reply
Avatar
ERROR: Earth.exe has crashed@lemmy.dbzer0.com
1 point

Well then you’ll need a good mattress to store your money because in the future, all banks would be doing it.

permalink
report
parent
reply

Android

!android@lemmy.world

Create post

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules

1. All posts must be relevant to Android devices/operating system.

2. Posts cannot be illegal or NSFW material.

3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.

4. Non-whitelisted bots will be banned.

5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.

6. Memes are not allowed to be posts, but are allowed in the comments.

7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.

8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.

Community Resources:

We are Android girls*,

In our Lemmy.world.

The back is plastic,

It’s fantastic.

*Well, not just girls: people of all gender identities are welcomed here.

Our Partner Communities:

!android@lemmy.ml

Community stats

  • 2.6K

    Monthly active users

  • 824

    Posts

  • 5.9K

    Comments

Community moderators