Few years ago I consulted a bank in Norway. It was hard to believe how many customers used infected browsers to connect to the website resulting in huge support cost.
The app is much more secure especially on iPhone or modern androids with crypto enclave or what ever it is called. With that even if a customer installs malicious app and grant it a lot of permission, the bank app can still be unaffected.
>The app is much more secure especially on iPhone or modern androids with crypto enclave or what ever it is called. With that even if a customer installs malicious app and grant it a lot of permission, the bank app can still be unaffected.
"crypto enclave" isn't a silver bullet that magically prevents you from getting hacked. it might keep your signing keys from being divulged, but if the attacker has root access (or jailbroken), there's nothing preventing the attacker from getting the enclave to sign whatever request it wants. at the very least it can corrupt the legitimate app's memory to force it to make a transfer.
the security comes from sandboxing, not secure element/enclave.
And mine runs a 2018 build of LineageOS but the bank apps don't trust it because it is rooted.
We're approaching a point of lockdown where Google and Apple win the war against general-purpose computing. I don't know what I'll do then, perhaps just keep a vanilla Android device in a drawer purely for running apps that I need? But I'd better keep it updated or else the apps may refuse to run. And with an app-only bank that's a scary scenario.
N26 works on rooted phones AND have a website (and I'd go through the trouble of switching banks again if they discontinued it), but for transfers you need the app.
The app is much more secure especially on iPhone or modern androids with crypto enclave or what ever it is called. With that even if a customer installs malicious app and grant it a lot of permission, the bank app can still be unaffected.