Storage Encryption - One (M7) Q&A, Help & Troubleshooting

Even though there was zero documentation and nobody else seems to have tried it, I turned on storage encryption on my HTC One.
Not impressed. Here are a few observations:
1. At power up (once the drive is encrypted), it appears to go through a full boot cycle. It then presents you with an authentication screen to enter your credentials. It then appears to reboot itself through another full boot cycle and then finally move on to the lock screen. This seems really idiotic.
2. There is no separate crypto password. If you use a 5 digit numerical pin, this is automatically your encryption password. If someone were to really attack the storage crypto, they would be able to brute force a pin in seconds (probably less). Long complicated passwords are too cumbersome to be used on a lockscreen.
3. Luckily, performance impact appears to be minimal once booted - at least not enough to noticeably bother me. I don't have enough comparative data to talk to battery impact, but it appears to be minimal.
4. There is no way to undo encryption....you have to do a factory reset. To be fair, this was documented in the warning screens.
Overall, it feels that this entire feature was an engineering afterthought added to make sure there is a check box for encryption for those customers that require it.

This is a standard Android feature (and therefore provided by Google not HTC). If you search there is plenty of information on this feature, just not in this HTC One specific sub-forum.

Rumball said:
This is a standard Android feature (and therefore provided by Google not HTC). If you search there is plenty of information on this feature, just not in this HTC One specific sub-forum.
Click to expand...
Click to collapse
Thanks for clarification.
Sent from my HTC One using Tapatalk 2

I turned on encryption the day after receiving mine. It hasn't seemed to impact battery life or performance but as the previous poster mentioned, it acts like other Android devices with encryption upon boot.
It is a pain but not near as bad as losing my phone and knowing someone with very little computer skill might be able to get at my data.
Sent from my HTC One using xda premium

rootshot said:
2. There is no separate crypto password. If you use a 5 digit numerical pin, this is automatically your encryption password. If someone were to really attack the storage crypto, they would be able to brute force a pin in seconds (probably less). Long complicated passwords are too cumbersome to be used on a lockscreen
Click to expand...
Click to collapse
have you looked at Cryptfs Password?
it lets you set a separate password for your encrypted volume, so you can have something long 'n complex, but a short numerical pin for your lockscreen
i use it and it's totally awesome
PS: there's also EncPassChanger, it does the same thing

Advance Mobile Care has a folder specific encryption facility called 'privacy locker'
http://forum.xda-developers.com/showthread.php?t=2290180
There are other folder specific encryption apps available.
The main issue with encryption apps is their reliability. Can you really trust them not to lock you out for an unspecified, unrecoverable error?

Zoltair Wright said:
have you looked at Cryptfs Password?
it lets you set a separate password for your encrypted volume, so you can have something long 'n complex, but a short numerical pin for your lockscreen
i use it and it's totally awesome
PS: there's also EncPassChanger, it does the same thing
Click to expand...
Click to collapse
Awesome! Exactly what I was looking for. Thank you.

Related

Some questions regarding phone security...

My Galaxy Note was stolen a few weeks ago. Fortunately, my parents were nice enough to buy me a new one. Now I'm trying to protect it with maximum security. I've set up the pattern lock screen, I was also asked to set up a back up PIN code just in case I forget the pattern. Now when I try to draw the wrong pattern on purpose for over 20 times, it only tells me "Sorry, try again." It doesn't stop me from trying nor does it ask for the PIN code. Is everyone's Note like this or is there something wrong with mine?
I want to know if it's possible to NOT have it ask for the pattern every time I unlock the device? Is it possible to have it ask for the pattern every hour or something? It's quite annoying having to draw a complicated pattern every time I unlock the device.
I also heard of some security app that takes a picture with the front camera after numerous wrong passcode/pattern attempt and sends the picture to my email. Anyone know what apps have the ability to do that?
Lastly, what are some of your advices/suggestions/recommendations for security apps or keeping the phone more secure?
Loads of thanks.
rcheung28 said:
My Galaxy Note was stolen a few weeks ago. Fortunately, my parents were nice enough to buy me a new one. Now I'm trying to protect it with maximum security. I've set up the pattern lock screen, I was also asked to set up a back up PIN code just in case I forget the pattern. Now when I try to draw the wrong pattern on purpose for over 20 times, it only tells me "Sorry, try again." It doesn't stop me from trying nor does it ask for the PIN code. Is everyone's Note like this or is there something wrong with mine?
I want to know if it's possible to NOT have it ask for the pattern every time I unlock the device? Is it possible to have it ask for the pattern every hour or something? It's quite annoying having to draw a complicated pattern every time I unlock the device.
I also heard of some security app that takes a picture with the front camera after numerous wrong passcode/pattern attempt and sends the picture to my email. Anyone know what apps have the ability to do that?
Lastly, what are some of your advices/suggestions/recommendations for security apps or keeping the phone more secure?
Loads of thanks.
Click to expand...
Click to collapse
1. Hmm, for me after 5 incorrect patterns, it just says try again in 30 seconds, don't really have the patience for 20 But I remember one time I gave my friend my phone to hold on to before going for an exam, and she locked the device completely, in which case I had to enter my google account email.
2. there should be a "Lock Delay" option in lock screen settings, and you can delay screen lock, up to 30 min
3. I know what you are talking about with the face taking picture app, but right now for my life of me I can't remember what that app was, back from march-ish, cause I did have it. I used to have Kaspersky anti-theft after that, but got rid of it around june. I felt like it lacked some features, but its been a while, so there could have been an update with more features and stuff. There's an app called Ceberus anti theft that supposedly does the face picture, but I have not used it so can't confirm on that. And there's a specific app on the market Gotya! Face trap. Haven't used it, you can buy it and try it.
3. I'm currently using avast mobile security, since july. I feel like it covers my bases, the only thing thats not featured is the "lock device if entered incorrectly" and essentially the face picture, but i don't really care for that.
Personally, I just use the slider unlock, just quicker, no hassle, especially when driving, its on me always, I trust my friends around me, if someone steals my phone, I have avast to do the magic.
There's many anti-theft/mobile security apps out there, and most are free to install with no in app billing extended features. Kaspersky you have to buy initially, Cerberus is free initially, and has an in app extended feature billing. Just shop around, see what suits your needs
dr. xp55 said:
1. Hmm, for me after 5 incorrect patterns, it just says try again in 30 seconds, don't really have the patience for 20 But I remember one time I gave my friend my phone to hold on to before going for an exam, and she locked the device completely, in which case I had to enter my google account email.
2. there should be a "Lock Delay" option in lock screen settings, and you can delay screen lock, up to 30 min
3. I know what you are talking about with the face taking picture app, but right now for my life of me I can't remember what that app was, back from march-ish, cause I did have it. I used to have Kaspersky anti-theft after that, but got rid of it around june. I felt like it lacked some features, but its been a while, so there could have been an update with more features and stuff. There's an app called Ceberus anti theft that supposedly does the face picture, but I have not used it so can't confirm on that. And there's a specific app on the market Gotya! Face trap. Haven't used it, you can buy it and try it.
3. I'm currently using avast mobile security, since july. I feel like it covers my bases, the only thing thats not featured is the "lock device if entered incorrectly" and essentially the face picture, but i don't really care for that.
Personally, I just use the slider unlock, just quicker, no hassle, especially when driving, its on me always, I trust my friends around me, if someone steals my phone, I have avast to do the magic.
There's many anti-theft/mobile security apps out there, and most are free to install with no in app billing extended features. Kaspersky you have to buy initially, Cerberus is free initially, and has an in app extended feature billing. Just shop around, see what suits your needs
Click to expand...
Click to collapse
The lock delay doesn't work as I want it to because as long as there's some activity within 30 minutes, it doesn't lock. I'm looking for something that looks the phone EVERY certain amount of time, just don't know if it's impossible. Nonetheless, you have given me a great list of suggestions and apps. I'll look into those apps.
I'm open for more suggestions.
rcheung28 said:
The lock delay doesn't work as I want it to because as long as there's some activity within 30 minutes, it doesn't lock. I'm looking for something that looks the phone EVERY certain amount of time, just don't know if it's impossible. Nonetheless, you have given me a great list of suggestions and apps. I'll look into those apps.
I'm open for more suggestions.
Click to expand...
Click to collapse
For security thing, see if you can use this.. http://www.samsungdive.com/DiveMain.do
For more info about using this, please go to Ketan's thread here http://forum.xda-developers.com/showthread.php?t=1946240
First, don't use a lock pattern, it's not safe. The only thing that is really safe is password that is composed of numbers and letters.
For delayed locking I recommend the app delayed lock. The name makes sense doesn't it
Further I recommend some kind of encryption tool to protect sensitive data on your phone. There are many available on google play. For logins etc. you can try keepass which is freeware (open source). For photos, videos and any other file types I use droid crypt which is paid software but offers a long trial periode.
Sent from my Galaxy Note running ICS
Create account on samsung dive & u r good to go...
Sent from my GT-N7000 using xda premium
Thank you all. My previous Note had Samsung Dive set up but immediately (well 10 minutes) after I lost the phone, I tried using Dive but it did not find the phone. I did set it up on my second Note but I'm not fully relying on it.
Ceberus seems like a good app as a few of you guys have already suggested to me. I'll definitely try that out.
Altae, thanks for the list of apps! And I agree that numbers+letters is the most safe password but it takes quite a bit of effort to type and it's not something I can do without me looking at the screen.
Thanks again everyone.

[SOLVED] Change Encryption Password?

Dear all,
I run the stock firmware and encrypted my phone including the SD card.
Is there a possibility to change the associated password? It seems only the lock screen password can be changed.
Best,
Hindman
Those are tied together. If you want to set the encryption password independently, that requires root. And https://play.google.com/store/apps/details?id=org.nick.cryptfs.passwdmanager&hl=de for example.
Iruwen said:
Those are tied together. If you want to set the encryption password independently, that requires root. And https://play.google.com/store/apps/details?id=org.nick.cryptfs.passwdmanager&hl=de for example.
Click to expand...
Click to collapse
Oh yes, you are right. Thank you!
However, one might think that two separate passwords would make more sense. When unlocking a screen, nobody wants to input lengthy passwords, whereas typing a strong encryption password at bootup is acceptable.

Encryption on Note 4

Before, to enable encryption, most Samsung devices required
6 char password with letters and digits.
Lucky exception was Note 3 that allowed 4 digit pin.
Password or pin also had to be the same for boot and lock screen.
Is there any change in that?
Sent from my SM-N900T using XDA Free mobile app
My N4 is encrypted and both my boot and lock screen are the same.
I'm glad they went with a 6 character as the encryption has also been beefed up for the N4.
Rule of thumb: Make sure your password is at least 16 characters or don't bother encrypting your device. You'd be wasting your time Remember...16 minimum.
alexnoalex said:
Before, to enable encryption, most Samsung devices required
6 char password with letters and digits.
Lucky exception was Note 3 that allowed 4 digit pin.
Password or pin also had to be the same for boot and lock screen.
Is there any change in that?
Sent from my SM-N900T using XDA Free mobile app
Click to expand...
Click to collapse
iunlock said:
My N4 is encrypted and both my boot and lock screen are the same.
I'm glad they went with a 6 character as the encryption has also been beefed up for the N4.
Rule of thumb: Make sure your password is at least 16 characters or don't bother encrypting your device. You'd be wasting your time Remember...16 minimum.
Click to expand...
Click to collapse
I think the OP wants what i would like
two different passwords ex one for the encrypted partitions and the other for the lock screen.
what i want to see is a big hairy password for my boot time encryption but then i would like the convenience of the fingerprint scanner to unlock the device.
Ah yes that would be nice. Having to enter in a book every time is a bit annoying. I do have it set to where it won't lock immediately though. It helps somewhat. I'm glad the camera toggle is there too for quick access.
webstas said:
I think the OP wants what i would like
two different passwords ex one for the encrypted partitions and the other for the lock screen.
what i want to see is a big hairy password for my boot time encryption but then i would like the convenience of the fingerprint scanner to unlock the device.
Click to expand...
Click to collapse
No Encryption
My N4 refuses to encrypt. Why? Is it because I am currently using "My Knox" to do all my work stuff in?
Are you encrypting everything including sdcard or are you excluding anything?
Does it affect boot-app launch times or impact performance?
I'd feel better about getting the Note 4 asap once this encryption matter is clarified.. - Thnx
iunlock said:
My N4 is encrypted and both my boot and lock screen are the same.
I'm glad they went with a 6 character as the encryption has also been beefed up for the N4.
Rule of thumb: Make sure your password is at least 16 characters or don't bother encrypting your device. You'd be wasting your time Remember...16 minimum.
Click to expand...
Click to collapse
---------- Post added at 05:49 PM ---------- Previous post was at 05:13 PM ----------
I was going to start a new thread on encryption until I noticed this one got a reply today
Ideally I'd like no-minimal performance impact encryption along with greater unlock convenience. Apparently that will be available in Android L coming to the Note 4 end of November/early December according to http://www.sammobile.com/2014/09/18...te-4-might-get-android-l-in-novemberdecember/ but I've also heard it may be January (hopefully sooner). Anyone know how Android L will handle sdcard encryption as Nexus 6/9 lack sdcard slots?
Until then perhaps you could consider other 3rd party encryption apps such as SSE - Universal Encryption, Encryption Manager etc as mentioned in https://www.youtube.com/watch?v=AYcqo5CEKgI
Android L encrypts by default with many personal unlock options including separate PIN, passwords even trusted faces ( https://www.youtube.com/watch?v=n-YphkBt0j0 ) & trusted devices ( https://www.youtube.com/watch?v=rVmSWQ30Tv0 ) which should offer improved security via standard encryption along with greater unlock convenience I'd like to see it seems (i.e. more focus on just locking out the non-trusted):
Thoughts on when Android L will be officially available for the Note 4 & how its default encryption will handle sdcard slots?
alexnoalex said:
Before, to enable encryption, most Samsung devices required
6 char password with letters and digits.
Lucky exception was Note 3 that allowed 4 digit pin.
Password or pin also had to be the same for boot and lock screen.
Is there any change in that?
Sent from my SM-N900T using XDA Free mobile app
Click to expand...
Click to collapse
No one else has tried encryption could comment on any performance impact?
If the sdcard is not encrypted & your device is lost-stolen no one is worried that all your sdcard data would be accessible without any password (e.g. by popping it in a pc or smartphone with sdcard slot)?
SMARTPHONEPC said:
Are you encrypting everything including sdcard or are you excluding anything?
Does it affect boot-app launch times or impact performance?
I'd feel better about getting the Note 4 asap once this encryption matter is clarified.. - Thnx
---------- Post added at 05:49 PM ---------- Previous post was at 05:13 PM ----------
I was going to start a new thread on encryption until I noticed this one got a reply today
Ideally I'd like no-minimal performance impact encryption along with greater unlock convenience. Apparently that will be available in Android L coming to the Note 4 end of November/early December according to http://www.sammobile.com/2014/09/18...te-4-might-get-android-l-in-novemberdecember/ but I've also heard it may be January (hopefully sooner). Anyone know how Android L will handle sdcard encryption as Nexus 6/9 lack sdcard slots?
Until then perhaps you could consider other 3rd party encryption apps such as SSE - Universal Encryption, Encryption Manager etc as mentioned in https://www.youtube.com/watch?v=AYcqo5CEKgI
Android L encrypts by default with many personal unlock options including separate PIN, passwords even trusted faces ( https://www.youtube.com/watch?v=n-YphkBt0j0 ) & trusted devices ( https://www.youtube.com/watch?v=rVmSWQ30Tv0 ) which should offer improved security via standard encryption along with greater unlock convenience I'd like to see it seems (i.e. more focus on just locking out the non-trusted):
Thoughts on when Android L will be officially available for the Note 4 & how its default encryption will handle sdcard slots?
Click to expand...
Click to collapse

Things I don't like so far

In order from most annoying:
Cannot whitelist k9 mail (and other things) from power saving (this is a deal breaker, I'm taking it back)
Long press to select text instead of double click (vanilla android allows both) (almost a deal breaker)
Media volume cannot be increased without acknowledging warning when BT connected
Can’t disable bixby button without samsung account
No root (needed to run webserver on 80 and change iptables)
Fingerprint sensor hard to find, hard to touch (compared to nexus 6p)
Default phone app sucks and can’t be changed
-Notifications for blocked numbers calling
-Hard to block numbers
-Hard to add recent calls to contacts (uses wrong account or something)
Volume buttons hard to find, on wrong side of phone
Samsung sms app is ugly and horrible (replaceable)
Samsung calendar app does not allow multiple default reminders (replaceable)
Lock screen time is on multiple lines with no way to change it
Thats nice. Enjoy.
swooperstar said:
bleh bleh bleh
Click to expand...
Click to collapse
Where is the question? Wrong forum, maybe you should tell someone who cares?
Um, what phone is this, half the things you complain about can be done by the note 8, so must be another phone. Maybe he got the wrong forum...
Sent from my Galaxy Note8 using XDA Labs
Incorrect, but whatever. Pixel2 XL coming next week to replace this samsuck. This site used to be more help less fanboy.
...more help less fan boy
Click to expand...
Click to collapse
Not about fanboys, you didn't ask for any help, just listed complaints. No one cares about personal complaints.
lol once again the user is the problem not the device... you can do all of those things either with an app from the play store or with root. maybe stick to something more simple? try iOS.
Not sure how moving to another Android device will help you. :laugh:
Being that the OP has a total of 9, count them 9 posts and is a junior member, I'm guessing he's referring to the old days on the site when we were more help and less fanbois
Mr.Ash.Man said:
lol once again the user is the problem not the device... you can do all of those things either with an app from the play store or with root. maybe stick to something more simple? try iOS.
Not sure how moving to another Android device will help you. :laugh:
Click to expand...
Click to collapse
He is already using IOS!
Ryland
Now we know from authoritative source that volume button is on the wrong side all those years, imagine that.
There are ways to adjust pretty much all of these points. Some are android specific - assume you are new to Android??
Did you even review the phone/play with it before spending on something you have chosen to dislike? To be fair you've come to a forum where 99.9999% of people are note enthusiasts so you will be whacked with a great big stick with a post like this :silly:
Ok how do you whitelist from power saving in a way that actually works? The settings interface for that is much different than stock android and doesn't actually let stuff run all the time like it does on my 6p. k9 always says syncing disabled (and works fine on 6p with stock nougat or oreo).
How do you get double-tap to select a word in text? Works by default in stock android.
After asking twice before to confirm increase volume while BT connected, it didn't ask this last time I increased it. I guess it is magically ok now.
How do you disable bixby button without creating a samsung account? There is an app that used to work using accessibility but no longer works in latest update.
How do you get root? The rooting page itself says "2.Enable OEM Unlock from developer option (Currently no workaround for those who doesn't have this option)" and I don't have this option.
How do you change the phone app? I tried downloading and installing one from apkmirror and got an error when installing.
How do you prevent notifications when blocked callers call?
How do you get normal time on the lock screen? Not the always on screen.
swooperstar said:
Ok how do you whitelist from power saving in a way that actually works? The settings interface for that is much different than stock android and doesn't actually let stuff run all the time like it does on my 6p. k9 always says syncing disabled (and works fine on 6p with stock nougat or oreo).
How do you get double-tap to select a word in text? Works by default in stock android.
After asking twice before to confirm increase volume while BT connected, it didn't ask this last time I increased it. I guess it is magically ok now.
How do you disable bixby button without creating a samsung account? There is an app that used to work using accessibility but no longer works in latest update.
How do you get root? The rooting page itself says "2.Enable OEM Unlock from developer option (Currently no workaround for those who doesn't have this option)" and I don't have this option.
How do you change the phone app? I tried downloading and installing one from apkmirror and got an error when installing.
How do you prevent notifications when blocked callers call?
How do you get normal time on the lock screen? Not the always on screen.
Click to expand...
Click to collapse
A respectful suggestion if I may.
Your first post was..... confrontational? Not the way to have your teething problems answered or supported.
Many of us, in all forum's, experience teething problems. I suggest you ask questions preferably one at a time so a peer can offer you some advice.
I have yet to ask for help here and not receive it. You will find there are some amazingly smart guys and gals here who will help IF you ask a palatable question. I am afraid what you have done is cause bad feeling and that's not the way to get help with your problems. Just food for thought. :good:
Ryland
I agree with the fingerprint sensor placement, for me being left handed, I have ot align it perfectly for it to work. Luckily the iris scanner is fast.
One issue I am coming across is my phone would random reboot and some settings would be changed to stock. For example, the font size would be change to default instead of everything tiny. My quick shortcuts layouts are stock and I have to re-login into some apps.
It happened about 3 times since i got the phone the first week of September. Hopefully I'm not alone. Sucks if I am though...lol
There is no help for those issues. That is why there is no response, and why the phone is going back. I am surprised anyone can stand the samsung interface and that is why it might sound confrontational. The apps that samsung replaces default apps with are really awful.
swooperstar said:
There is no help for those issues. That is why there is no response, and why the phone is going back. I am surprised anyone can stand the samsung interface and that is why it might sound confrontational. The apps that samsung replaces default apps with are really awful.
Click to expand...
Click to collapse
The only issue or possibly even an advantage is Samsung is edging it's own ecosystem in more and more. , basically it encourages one to buy another Sammy device and stay on board with them.
Sent from my SM-N950U using Tapatalk
UberPishy said:
Where is the question? Wrong forum, maybe you should tell someone who cares?
Click to expand...
Click to collapse
I care. Thanks to the original poster for critical analysis.
Anybody can fan-boy and circlejerk, that takes no skill.
It takes skill to spot issues and courage to speak out on them.
Every phones has its issues, these do not make Note 8 useless, but buyers can more easily decide if it is for them, when they know its particular failings.
vasra said:
I care. Thanks to the original poster for critical analysis.
Click to expand...
Click to collapse
So which of the OP's claims do you really care about, because most are false, many are non issues for the majority and a few are valid. But the point remains that they were posted in the wrong forum.
vasra said:
I care. Thanks to the original poster for critical analysis.
Anybody can fan-boy and circlejerk, that takes no skill.
It takes skill to spot issues and courage to speak out on them.
Every phones has its issues, these do not make Note 8 useless, but buyers can more easily decide if it is for them, when they know its particular failings.
Click to expand...
Click to collapse
It's not a critical assessment...it's a misleading one.
A few observations.
The volume button on the left side is the more ergonomic position and also makes it less likely you will drop the phone while changing volume making it an objectively better placement. The fingerprint scanner? Yeah, it's poor ergonomics at best and your complaint there is well justified.
Root is something you knew going in you wouldn't have, if it mattered you should have bought something else. I do agree in general that the trend toward taking root access from us is one I hate. That's why I bought an international version and rooted it.
The Samsung calendar app is less well featured than the stock app but it uses no resources when not used and you can always use the google app or one of the several better than stock google calendar apps on the play store. You don't get to complain about not having an app you can put on you phone in seconds which isn't even close to the best app of its kind anyways. I BTW didn't use the stock app on my 6P, didn't meet my needs.Samsung's stock SMS app is awful, IMO someone should be fired there because it falls below even a minimum level of functionality. But then while Googles does manage to get to at least a minimally functional feature set it isn't much better and both are a long way from what can be had in seconds for free that work better than either on the market. You don't get to complain about this one either though, the stock google app is a few clicks away and a few seconds will give that stock google experience if that is your preference.
Same number of clicks with Samsung to add a recent callers to contacts. Hard to do so is dismissed.
Hard to copy because you have to long press instead of double tap? Seriously? lol That's a fairly lame complaint without even taking into consideration the S-pen which opens up a whole world of options that you don't have on the 6P, one of which is using the S-Pen in the first place.
I like the default dialer and it has features which Google's does not. Regardless it can be changed as well as which dialer is the default, where did you get the idea you couldn't change dialers?
I don't have the media volume warning with my phone unless I'm on headphones, not sure why you do?
The Bixby button can be disabled, it can be disabled without signing into Samsung. Just an FYI, it can also be slaved to another function. All without root.
You can white list any app from power saver, just takes a few clicks, assuming of course you know which clicks. You have in an oblique way a real gripe here, Samsung's menus are getting better but they are still too bloated. The search menu function is your friend in pursing hard to find settings.
Who uses lock screens in this day an age? You've get bio-metrics and AOD, leaving the lock screen as an artifact of what was once the best we could do but isn't anymore. Think of it this way, I'm a pathetic old man and I've been able to understand that lockscreens are now just an extra step. Your complaint in this regard reminds me of my friends who cant handle new tech and are still trying to hang on to their flip phone.
At this point you probably think I'm busting your balls a little bit and you're right. On the other hand your complaints are largely groundless. The only real objective gripe you have is the fingerprint sensor location. Your assessment of the volume button location is subjective, not objective, and objectively is incorrect. Your complaints about the stock apps can be applied to google apps in the same way and most of which I changed on my 6P just as I have here. The impression I get is that the main problem you have is you need to learn how to shop better. There is no reason to buy a phone that does not have root if you know you want root. There is no reason to buy a phone well known for it's rather overbearing GUI and menu bloat if you know you are going to hate it. Why do that to yourself?

Biometric Authentication - Banking apps.

Make sure you put 1* reviews on your Banking apps or all apps that need updating to support face unlock, hopefully it will help speed up the development and support of face unlock on the pixel 4. I am really missing fingerprint unlock on my apps!
Demolition49 said:
Make sure you put 1* reviews on your Banking apps or all apps that need updating to support face unlock, hopefully it will help speed up the development and support of face unlock on the pixel 4. I am really missing fingerprint unlock on my apps!
Click to expand...
Click to collapse
Why? I just contacted my credit union asking for them to add support. Maybe larger national banks and stuff should have been aware and had support ready but smaller, more local institutions might just need to know that it's a thing on Android now.
Sent from my Pixel 4 XL using XDA Labs
In the Play Store, you can reach out to contact each app's development team via email. I've written to Chase, Bank of America, Mint, Credit Karma, and the other apps I use. Some developers are aware that they need to update, others aren't. Here are some of the responses I've received.
My original email (to each app):
Please update the Android app to support the biometric API so that I can use the secure face unlock on my Pixel 4! Thank you!
Click to expand...
Click to collapse
Bank of America:
Thank you for your feedback and we apologize for the inconvenience. We are working to update to the latest biometric authentication for the Pixel 4 and expect to have a supporting app shortly. For now, sign-in to the app using your online ID and password. Please look out for an app update soon.
Click to expand...
Click to collapse
Chase:
We'll be happy to review your request to update the
Android App.
Ivan, please note that the Chase Mobile App will work on
any Android smart phone or tablet running Android
operating system 5.0 (Lollipop) or higher. The minimum
operating system is 5.0 or higher. If your mobile phone
does not have the minimum requirement, the Chase Mobile
app will not be compatible.
We want our mobile app users to have the best experience
possible, so we regularly test chase.com using the most
current versions of operating systems. Since some mobile
app functionality may not work well on older operating
systems, we ask that you perform these updates. We
recommend you update your operating system and application
to the newest versions available. If your device isn't set
up to receive updates automatically, you can get the We
recommend you update your operating system and application
to the newest versions available.
We appreciate your business and thank you for choosing
Chase.
Click to expand...
Click to collapse
Credit Karma:
To determine if your Touch ID or Face ID function is turned on or off, go into your settings by clicking the icon in the top right corner of the app. The directions are the same whether you’re using Touch ID or Face ID.
If Touch or Face ID is turned on you will see a green circle with a white check mark.
If it’s turned off, simply click the empty circle and you’ll be prompted with a message stating the fingerprints or face registered on your phone can be used to access your Credit Karma account. Click “OK” to this prompt and you will be asked to enter your PIN to confirm this change.
Touch or Face ID is now turned on and you will be allowed to use this function to access the Credit Karma app moving forward.
Please note that if you log out of your account, the next time you open the app you’ll be prompted to enter your email address and password.
Thanks so much,
Click to expand...
Click to collapse
I've been sending further follow-ups to the ones who clearly don't understand what we are asking.
The more people who contact them, the more they'll understand that their apps are the problem by not using the current API.
I think Chase already stated that they were going to have an update before the end of the year. Hopefully sooner rather than later.
Robinhood works!
btonetbone said:
In the Play Store, you can reach out to contact each app's development team via email. I've written to Chase, Bank of America, Mint, Credit Karma, and the other apps I use. Some developers are aware that they need to update, others aren't. Here are some of the responses I've received.
My original email (to each app):
Bank of America:
Chase:
Credit Karma:
I've been sending further follow-ups to the ones who clearly don't understand what we are asking.
The more people who contact them, the more they'll understand that their apps are the problem by not using the current API.
Click to expand...
Click to collapse
Very nice work, I have left reviews and also contacted all my Banks via email. Hopefully it speeds up the process.
Throwing up a bunch of one-star reviews won't help, and all it serves to do is make the rater (you) look petty and childish. I'll send an email to my institutions, like a grownup, and go from there.
Getting in contact directly works best, via the play store will get you to the android app devs. I usually go through Twitter and you get a spokesperson who wouldn't know an apk from an adb and will give a stock response of soon™.
Remind them that the old biometric APIs are deprecated and that they should update to current versioning. Should anything happen they don't want to be the story of the bank that wasn't able to keep up.
Honestly I'm not missing it that much for my bank that much because I use LastPass which autofills it quickly. I do miss it for Outlook though because I have to do a pin.
Sent from my Pixel 4 XL using Tapatalk
So Far E-Trade has been updated to the Pixels face Unlock... I sent an email via the app store also to a credit union hoping they will update their app. I'm hoping within the next 2 weeks to a month that all major banks will update...
How secure if this anyway? I mean, my banking account has a password. I enter that password in my banking app to log into my account. In the future I will use my facial scan to log into my banking app.
Does that mean my banking account will have two password (1x password + 1x facial scan) oder will my password be stored somewhere in the app or on android and simply be passed on the my facial scan is verified?
Both do not sound very secure to me.
If you don't feel it's secure then just don't use the app.. simple. I trust that the banks know the risks and have mitigated them. After all they are the ones on the hook if there's fraud.
bobby janow said:
If you don't feel it's secure then just don't use the app.. simple. I trust that the banks know the risks and have mitigated them. After all they are the ones on the hook if there's fraud.
Click to expand...
Click to collapse
Not really the informative answer I was looking for.
I wouldn't blindly trust a bank app or any of the other countless apps that would use my facial scan.
What happens if your facial scan gets stolen / leaked. Everyone with that information will for ever be able to access your data. And you can't even change your access code like you would be able to with a password.
And it seems like you also have no idea where your facial scan is being saved, and how it is secured / locked down. Maybe it is just a plain file on your phone's storage? You don't seem to know.
Why no simply write down all your passwords in a .txt file and save it on your sdcard? That would alteast have the advantage that you could change your password at some point.
Utini said:
Not really the informative answer I was looking for.
I wouldn't blindly trust a bank app or any of the other countless apps that would use my facial scan.
What happens if your facial scan gets stolen / leaked. Everyone with that information will for ever be able to access your data. And you can't even change your access code like you would be able to with a password.
Click to expand...
Click to collapse
Isn't the face unlock for that device only? It's not like someone can install your bank app on their phone, somehow use your face unlock information, and spoof you on that device. Also there's still 2 step verification, at least with my bank, so the new app would still need to get the verification code. If anything, it's easier to do with your password because that's something that can be typed in and then somehow get the verification code text.
Sent from my Pixel 4 XL using Tapatalk
Utini said:
Not really the informative answer I was looking for.
I wouldn't blindly trust a bank app or any of the other countless apps that would use my facial scan.
What happens if your facial scan gets stolen / leaked. Everyone with that information will for ever be able to access your data. And you can't even change your access code like you would be able to with a password.
Click to expand...
Click to collapse
I'm not sure of the question you are asking. It seemed rhetorical to me basically commenting on how you don't think fingerprint, facial or password entry is secure on your app. I don't think any of it is stored in the cloud but nonetheless it's probably not as secure as walking into your bank and transacting with a teller. Even websites probably aren't as secure as you wish they were. So what exactly are you asking that you expect a reply to? You can perhaps check with your bank as to what your liability would be if your account got hacked.
EeZeEpEe said:
Isn't the face unlock for that device only? It's not like someone can install your bank app on their phone, somehow use your face unlock information, and spoof you on that device. Also there's still 2 step verification, at least with my bank, so the new app would still need to get the verification code. If anything, it's easier to do with your password because that's something that can be typed in and then somehow get the verification code text.
Sent from my Pixel 4 XL using Tapatalk
Click to expand...
Click to collapse
Oh is it? That makes it defeniately more secure. But then I would still like to know how it is ensured that my facial scan only works with my specific mobile device and not with any other mobile device.
Yep for banking there is still 2 step verficiation. Good point. But I was actually thinking more about e.g. KeePass.
bobby janow said:
I'm not sure of the question you are asking. It seemed rhetorical to me basically commenting on how you don't think fingerprint, facial or password entry is secure on your app. I don't think any of it is stored in the cloud but nonetheless it's probably not as secure as walking into your bank and transacting with a teller. Even websites probably aren't as secure as you wish they were. So what exactly are you asking that you expect a reply to? You can perhaps check with your bank as to what your liability would be if your account got hacked.
Click to expand...
Click to collapse
Maybe I didn't explain my question good enough. I will try again:
Currently I would unlock e.g. my KeePass Database with a password.
In the future I would use my facial scan for that.
I wonder at what point my facial scan will access my password of the KeePass Database, because it somehow has to know my password in order to unlock KeePass?
And in that case my password suddenly isn't saved only in my head anymore but also within android or another app (because Face Unlock has to somehow know it?).
Or will my KeePass database get a second "password" which is my facial scan data?
In that case I want to make sure that my facial scan is very secure and can't be stolen. Because if it turns up in smth like "haveibeenpwnd.com" everyone will forever be able to access all my files with my leaked facial scan which I cannot even change to something different anymore.
Utini said:
Maybe I didn't explain my question good enough. I will try again:
Currently I would unlock e.g. my KeePass Database with a password.
In the future I would use my facial scan for that.
I wonder at what point my facial scan will access my password of the KeePass Database, because it somehow has to know my password in order to unlock KeePass?
And in that case my password suddenly isn't saved only in my head anymore but also within android or another app (because Face Unlock has to somehow know it?).
Or will my KeePass database get a second "password" which is my facial scan data?
In that case I want to make sure that my facial scan is very secure and can't be stolen. Because if it turns up in smth like "haveibeenpwnd.com" everyone will forever be able to access all my files with my leaked facial scan which I cannot even change to something different anymore.
Click to expand...
Click to collapse
I used LastPass and I think it's not different then when I died the fingerprint option for it. There's a master password for the account and biometric login is, again, just for the individual device. And again, there's 2 step verification at least with LastPass, for whenever you set up.
Sent from my Pixel 4 XL using Tapatalk
EeZeEpEe said:
I used LastPass and I think it's not different then when I died the fingerprint option for it. There's a master password for the account and biometric login is, again, just for the individual device. And again, there's 2 step verification at least with LastPass, for whenever you set up.
Sent from my Pixel 4 XL using Tapatalk
Click to expand...
Click to collapse
Sounds interesting and secure. Now I am interested in how it is ensured that my fingerprint / facial scan will only work with my specific mobile device and that the stolen data from my device can't be used from another device
Utini said:
Oh is it? That makes it defeniately more secure. But then I would still like to know how it is ensured that my facial scan only works with my specific mobile device and not with any other mobile device.
Yep for banking there is still 2 step verficiation. Good point. But I was actually thinking more about e.g. KeePass.
Maybe I didn't explain my question good enough. I will try again:
Currently I would unlock e.g. my KeePass Database with a password.
In the future I would use my facial scan for that.
I wonder at what point my facial scan will access my password of the KeePass Database, because it somehow has to know my password in order to unlock KeePass?
And in that case my password suddenly isn't saved only in my head anymore but also within android or another app (because Face Unlock has to somehow know it?).
Or will my KeePass database get a second "password" which is my facial scan data?
In that case I want to make sure that my facial scan is very secure and can't be stolen. Because if it turns up in smth like "haveibeenpwnd.com" everyone will forever be able to access all my files with my leaked facial scan which I cannot even change to something different anymore.
Click to expand...
Click to collapse
Oh I see now. This really has more to do with your password manager than the bank. Unfortunately, I don't use a PM even though I suppose I should. Everyone says it's pretty secure. Since I don't really know what I'm talking about at this point I'll give it a shot anyway. lol
I don't think the facial scan or the fingerprint scan is saved anywhere other than your device. But I do use fingerprint (or did) scans on my banking app. If I change my password on the banking site my fingerprint scan will no longer work on the app. I would first have to change my password on the app and then reregister my fingerprint when the new password is entered. Can we compare it to the face scan at this point? I mean you can't change your fingerprints either right? Before I go on, am I reading your concerns correctly?
Utini said:
Sounds interesting and secure. Now I am interested in how it is ensured that my fingerprint / facial scan will only work with my specific mobile device and that the stolen data from my device can't be used from another device
Click to expand...
Click to collapse
https://support.google.com/pixelphone/answer/9517039?hl=en
Maybe this confirms it?View attachment 4860867
Sent from my Pixel 4 XL using Tapatalk

Categories

Resources