zlacker

[parent] [thread] 2 comments
1. mschus+(OP)[view] [source] 2025-09-16 09:13:09
I get where that one is coming from though - tap-to-pay is considered second-factor-authenticated, aka no PIN entry is necessary at the PoS terminal because the user already entered their PIN or presented biometric credentials to the smartphone.

If a malware were able to snatch the key material that represents the credit card outright or it could (by running as root) act to the TEE like it were Google Pay's NFC controller app, it would enable the actor controlling the malware to spoof the credit card on their own phone... and since tap-to-pay is considered authenticated, chances are next to zero you can dispute the payment.

replies(2): >>63stac+u5 >>nani8o+du
2. 63stac+u5[view] [source] 2025-09-16 10:03:50
>>mschus+(OP)
>If a malware were able to snatch the key material that represents the credit card

I'm pretty sure that data is stored in the secure enclave, which is impossible to access by design, root, no root, bootloader unlocked, google approved or not.

3. nani8o+du[view] [source] 2025-09-16 13:10:11
>>mschus+(OP)
There's already a better way to check whether an Android phone is secure enough and it is independent of any proprietary OS certification: basicIntegrity [1].

Most banking apps in Germany use this API and thus work on GrapheneOS and other non-Google controlled ROMs with a locked bootloader.

PlayIntegrity is unnecessary and mostly offers vendor lock in to Google's ecosystem.

[1] https://grapheneos.org/usage#banking-apps

[go to top]