cross-posted from: https://lemmy.today/post/29758710
Google is not entitled to my personal banking information or any other PII! WTF if I go to a store and want to buy I will.
Just ignore this.
The major downside of biometrics is that if you get caught, they can force your finger on the phone or force you to look at the front camera.
There is hardware level security used to perform the authentication and holds your biometric data locally. If you get a new phone, you have to re-add your fingerprints. Assuming the hardware security is impenetrable by software, it’s safe.
But that’s not an assumption we can make any more; the security landscape is very dynamic right now. You cannot be too careful.
We all live with constant risk of whose good reputation will be squandered next for a price. Or that AI will revolutionize hacking. Or that quantum computing will break the security. Or that [insert exporting nation here] modified the chip before it shipped for assembly, circumventing the manufacturers entirely. Never mind all the political factors!
Admittedly, I don’t go about my life considering any of this, but I’m not a big privacy hawk either. I gave most of my personal data away as a kid and I go about my life assuming it’s already out there. Ignorance is bliss, I suppose, at least so far fingers crossed
deleted by creator
Smartphones are the biggest spyware. I prefer to lick my elbow before storing sensitive data in these devices or using it with banking or medical apps.
I prefer to carry my laptop with it. I mostly use my phone as a mobile router.
The less you do on your phone, the better.
That wasn’t a question.
If your banking app has a biometrics lock, it doesn’t mean the bank has your biometric data. That’s not how this works.
I feel like the bigger security concern here, if one needs to worry about it for their threat level that is more likely, is just like if someone knows your password, who could force me to unlock my phone via biometrics?
In America at least, “law enforcement” (Police, Ice, CBP) aren’t allowed to force you to enter your password, but they can just happen to hold your phone up to your finger/face to unlock it using biometrics.
the cops?
Yeah, android doesn’t allow apps to collect biometrics data, at least not using the standard fingerprint sensors.
Unless the OS is heavily modified i don’t think AOSP is technically capable of doing that
I’m all for not giving more data points where it’s not needed, but is this as bad it seems? All biometric data remains stored on the device, it isn’t sent to Google, or any app for that matter, that’s how the API works
yeah, it’s stored locally. This is just FUD cause “big corpo bad”.
OP
Google is not entitled to my personal banking information
locally
Payment info is stored locally?
Exactly. Just like they never tracked and stored our movements when we turned iff location history.
The class action suit they lost on that was fake news /s
Yeah… People are like this… It’s All fake news unti it isn’t anymore and than everyone is Pikachu Faced…
After all they have done and still doing… I can ASSURE and GUARANTEE you with 100% certainty that they would NEVER do that… They are not that kind of evil. /s
Sigh 😮💨😮💨
That’s different, it’s technically possible not to comply with that statement because the location data is sent and stored, it takes just not deleting it to violate that, it just evaluates to a pinky promise that has to be verified by inspecting their systems.
This, on the other hand, is a technically verifiable claim, the code is open and it all runs locally on the same machine, the TEE will give the green light and that’s how apps will accept your biometric verification, the only thing that might be suspicious is with the implementation of the TEE, I don’t know if every manufacturer keeps the data it gets on the device or secretly communicates outside, this unknown is also a good reason to use a Google Pixel device if you care about thatGoogle Pixel phones use a TEE OS called Trusty which is open source, unlike many other phones.
From the Privacy Guides Mobile phones page
I mean it’s okay to start scared and ignorant, but it’s a choice to stay that way
We think someone has been using your fingerprint. Have you considered submitting your DNA so we know it’s you?
no need. just get arrested for (not convicted of) a felony and they will do that part for you
or have some idiot family member who thought 23 & me was a novel and fun idea
I’m sorry the latter is personal experience
I honestly don’t understand why any company is still trying to store my payment info with the number of leaks that happens
Oh yeh drunk purchases
Temporary workaround — close Play store, turn off data & wifi, open Play store and then connect to network.
Don’t give anything to Google.
Permanent workaround: Aurora Store and F-Droid.
Disable the Play Store.
if you browse the play store on a web browser you can open app links directly to bypass this. for now.
but…but… It’s sooooooo easy and convenient for you and it’s safe, we pinky-promise!
I don’t have it turned on and I’ve never seen this screen. How did you get there?
