Attached: 1 image
HSBC has chosen to block its mobile app on my phone because *checks notes* I've got a password manager, Bitwarden, installed via F-Droid.
Its solution is for me to remove Bitwarden.
My solution is to stop using HSBC's app.
Let me start by saying how stupid that is…. But, if I had to come up with a reason, it may be because Bitwarden can store passkeys which can then make them portable as opposed to device specific which technically is a security bypass.
I believe they are just indiscriminately checking for the installed source (an information available from Android).
If the installed source is not from Google Play Store, it will attempt to block. In this case, app is installed from f-droid.
this is not just HSBC, a lot of Asian banks implemented this, likely as a reaction to the scam cases.
Let me start by saying how stupid that is…. But, if I had to come up with a reason, it may be because Bitwarden can store passkeys which can then make them portable as opposed to device specific which technically is a security bypass.
I believe they are just indiscriminately checking for the installed source (an information available from Android). If the installed source is not from Google Play Store, it will attempt to block. In this case, app is installed from f-droid.
this is not just HSBC, a lot of Asian banks implemented this, likely as a reaction to the scam cases.
Yeah I would say almost assuredly they have seen scams abusing this enough to have to implement a countermeasure