PrivSec-dev
La Banque Postale
Is there an existing issue for this?
- [X] I have searched the existing issues
App name
La Banque Postale
Link to app
https://play.google.com/store/apps/details?id=com.fullsix.android.labanquepostale.accountaccess
App version
v20.21.5
Country of the app
France
Device
- [ ] Pixel 6 Pro
- [X] Pixel 6
- [ ] Pixel 5a
- [ ] Pixel 5
- [ ] Pixel 4a (5G)
- [ ] Pixel 4a
- [ ] Pixel 3a XL
- [ ] Pixel 3a
- [ ] Pixel 3 XL
- [ ] Pixel 3
Google Play installed
- [ ] Installed
- [X] Not installed
Google Play Network permission revoked?
- [ ] Revoked
- [ ] Not revoked
- [x] I did not have Google Play installed
SafetyNet Enforcement
- [ ] Enforced
- [X] Not enforced
- [ ] Unsure
Native code debugging
- [X] Enabled
- [ ] Disabled
Stock OS compatibility
- [X] Works
- [ ] Does not work
- [ ] Not tested
Profile app tested in
- [X] Main user profile
- [ ] Secondary user profile
- [ ] I used a work profile device manager app (Please mention more details about it down below like the app)
Description of the app's functionality
Logging in works. 2FA works (Certicode Plus). Biometrics authentication works. I haven't try yet Payment/Transfers. Internal messaging works.
Are there any extra notes you think users should know about?
No response
ADB logcat of the app if necessary
No response
Just to confirm that Payment/Transfers work too with last version of La Banque Postale app 22.2.0.
Pour une bonne utilisation de Banque Postale, suite à la mise à jour de GrapheneOS permettant de contrôler les exécutions de code téléchargé, j'ai dû autoriser "Dynamic code loading via memory". Les options "Webview JIT" et "Dynamic code loading via storage" peuvent être désactivées sans problème à ce jour.
Version 25.1.10, l'application fonctionne mais, aléatoirement et régulièrement, celle-ci m'indique que je ne peux pas utiliser l'application sur cet appareil et que je dois l'installer sur un autre (détail : "SAFE_ERROR").
Quitter et relancer l'application permet de contourner le problème temporairement, mais l'appareil n'est plus considéré de confiance (il faut refaire la procédure d'association). Ça ne sent pas bon... :-(
@waays-tl Try disabling secure app spawning in settings ---> security & privacy ---> exploit protection.
@waays-tl Try disabling secure app spawning in settings ---> security & privacy ---> exploit protection.
I just did so. Starting the app a few times worked fine. I'll keep you in touch in a few days in any case. Thanks!
@waays-tl Try disabling secure app spawning in settings ---> security & privacy ---> exploit protection.
I just did so. Starting the app a few times worked fine. I'll keep you in touch in a few days in any case. Thanks!
Problem just happened again, unfortunately. Seems to happen quite randomly when starting the app.
Version 25.3.0 (Aurora Store) works without this issue on my Pixel 6 (GrapheneOS 2025042500) with Exploit protection unchecked
I've since downgraded to 24.7.5, and am no longer experiencing the issue, although i didn't add the device back as a trusted device. I'll try to upgrade again and report back.
Thanks
@houdini69 @waays-tl Are you using the owner profile or a secondary one?
@houdini69 @waays-tl Are you using the owner profile or a secondary one?
If you are talking about the Android's multi-user feature, nope, I'm using only one "main" account.
@waays-tl @houdini69 Let's compare the exploit protection settings, there ought to be something different between your two setups.
@waays-tl @houdini69 Let's compare the exploit protection settings, there ought to be something different between your two setups.
I've activated "Exploit protection compatibility mode". Hardened memory allocator is disabled. Native code debugging is allowed. Dynamic code loading via [memory|storage] is allowed.
I'll upgrade to the latest version again, next week probably, and see what it does.
@waays-tl @houdini69 Let's compare the exploit protection settings, there ought to be something different between your two setups.
I've activated "Exploit protection compatibility mode". Hardened memory allocator is disabled. Native code debugging is allowed. Dynamic code loading via [memory|storage] is allowed.
I'll upgrade to the latest version again, next week probably, and see what it does.
v 25.3.0 Pixel 6. In my case, I haven't activated "Exploit protection compatibility mode". "Hardened memory allocator" is enabled (default). "Native code debugging" is blocked (Default). "Dynamic code loading via memory" is allowed (default).
v 25.3.0 Pixel 6. In my case, I haven't activated "Exploit protection compatibility mode". "Hardened memory allocator" is enabled (default). "Native code debugging" is blocked (Default). "Dynamic code loading via memory" is allowed (default).
Is your device used as a trusted device for Certicode Plus?
Is your device used as a trusted device for Certicode Plus? Yes, it's used for Certicode Plus.
Thanks. I upgraded the app through the official Play Store yesterday (25.3.0). This morning, tested starting the app:
(sorry for the crappy screenshot - the app doesn't allow them, I had to use my - bad - webcam)
I've updated my App settings according to yours (mainly, it meant disabling Exploit Protection compatibility mode and blocking Native code debugging).
Restarted the app, it went OK, reenabled Certicode Plus (which gets zapped every time the error shows up). Tried starting / closing / starting the app a few times and for now it seems to be OK.
I'll keep you in touch. Thanks a lot for taking time to help me :)