Banking apps are such a disgrace. Full of weird ideas about what is ok and what is not and which data and whatnot they need or else they won't run and in the end it doesn't help at all.
My bank recognizes the risk that third-party keyboard apps pose, and has their own keypad in their authentication app.
The same bank has a maximum password length of 8 characters, and they'll truncate longer passwords without informing the user -- set the password to "correct horse battery staple" and you'll be able to log in with "correct ". When I pointed it out they recommended setting a shorter password.
