Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone.
I don’t think I understand this. I don’t actually want to pay with my phone, so thats a non-problem to me, but when I can access my bank with a browser on any pc in the world, why do they need attestation on a mobile? I dont see why the requirement is inconsistent.
I think it’s rather about NFC-powered (i.e. “tap your phone”) payments. These are automatic, which comes with different security issues.
Seems like a strong argument for dedicated hardware to me. Something card shaped 😉