cross-posted from: https://lemmy.today/post/29758710
Google is not entitled to my personal banking information or any other PII! WTF if I go to a store and want to buy I will.
Just ignore this.
The major downside of biometrics is that if you get caught, they can force your finger on the phone or force you to look at the front camera.
Yep. I don’t allow biometrics to unlock my devices for this reason. Purchase something? Sure thing! Unlock? Hell no.
If you know you’re about to be in a shady place, you can do a quick restart or lockdown mode on both Android and iPhone. So you still get to use biometrics, but turn it off when you know you might be in some shit soon.
Smartphones are the biggest spyware. I prefer to lick my elbow before storing sensitive data in these devices or using it with banking or medical apps.
I prefer to carry my laptop with it. I mostly use my phone as a mobile router.
The less you do on your phone, the better.
Good ol’ Nokia 3350 times
If your banking app has a biometrics lock, it doesn’t mean the bank has your biometric data. That’s not how this works.
Yeah, android doesn’t allow apps to collect biometrics data, at least not using the standard fingerprint sensors.
Unless the OS is heavily modified i don’t think AOSP is technically capable of doing that
I feel like the bigger security concern here, if one needs to worry about it for their threat level that is more likely, is just like if someone knows your password, who could force me to unlock my phone via biometrics?
the cops?
In America at least, “law enforcement” (Police, Ice, CBP) aren’t allowed to force you to enter your password, but they can just happen to hold your phone up to your finger/face to unlock it using biometrics.
If you don’t enter your password you are deemed suspicious. They’ll just put you in detention for a while to see if you’re a danger. Maybe the holding cells get full and they ship you off maybe you just sit there for a few weeks.
They don’t seem to give a fuck about what they’re allowed or not allowed to do this year.
Travel with a burner phone.
Well, travelling with a burner phone won’t stop a cop from just shooting you in the streets!
It was good talking to you, you have a good day
In America at least, “law enforcement” (Police, Ice, CBP) aren’t allowed to force you to enter your password
Might wanna rethink that. If you aren’t a citizen, they could just threaten to send you to el salvador if you refuse to unlock (and maybe still do it after you complied). Even judges are getting arrested by the gestapo, I don’t feel safe even as a citizen. These are not normal times, I wouldn’t put so much faith on the rule of law.
It’s not about having faith in the rule of law, it’s about minimizing risk. Obviously if they’re just gonna kill you or mail you to CECOT there’s nothing you can do anyway.
deleted by creator
The downside of them is that if you get caught, they can force your finger on the phone or force you to look to the front camera.
That wasn’t a question.
I’m all for not giving more data points where it’s not needed, but is this as bad it seems? All biometric data remains stored on the device, it isn’t sent to Google, or any app for that matter, that’s how the API works
yeah, it’s stored locally. This is just FUD cause “big corpo bad”.
OP
Google is not entitled to my personal banking information
deleted by creator
Payment info is stored locally?
Exactly. Just like they never tracked and stored our movements when we turned iff location history.
The class action suit they lost on that was fake news /s
Yeah… People are like this… It’s All fake news until it isn’t anymore and than everyone is Pikachu Faced…
After all they have done and still doing… I can ASSURE and GUARANTEE you with 100% certitude that they would NEVER do that… They are not that kind of evil. /s
Sigh 😮💨😮💨
There’s a difference between saying “the secure enclave holds the biometric data securely and locally in a verifiable way with no mechanism to retrieve the actual data” and “trust them, don’t worry about it”
That’s different, it’s technically possible not to comply with that statement because the location data is sent and stored, it takes just not deleting it to violate that, it just evaluates to a pinky promise that has to be verified by inspecting their systems.
This, on the other hand, is a technically verifiable claim, the code is open and it all runs locally on the same machine, the TEE will give the green light and that’s how apps will accept your biometric verification, the only thing that might be suspicious is with the implementation of the TEE, I don’t know if every manufacturer keeps the data it gets on the device or secretly communicates outside, this unknown is also a good reason to use a Google Pixel device if you care about thatGoogle Pixel phones use a TEE OS called Trusty which is open source, unlike many other phones.
From the Privacy Guides Mobile phones page
I mean it’s okay to start scared and ignorant, but it’s a choice to stay that way
We think someone has been using your fingerprint. Have you considered submitting your DNA so we know it’s you?
no need. just get arrested for (not convicted of) a felony and they will do that part for you
or have some idiot family member who thought 23 & me was a novel and fun idea
I’m sorry the latter is personal experience
I honestly don’t understand why any company is still trying to store my payment info with the number of leaks that happens
Oh yeh drunk purchases
Temporary workaround — close Play store, turn off data & wifi, open Play store and then connect to network.
Don’t give anything to Google.
Permanent workaround: Aurora Store and F-Droid.
Disable the Play Store.
if you browse the play store on a web browser you can open app links directly to bypass this. for now.
but…but… It’s sooooooo easy and convenient for you and it’s safe, we pinky-promise!
I don’t have it turned on and I’ve never seen this screen. How did you get there?
