I've used GrapheneOS for years now and it is the easiest-to-use, lowest friction privacy oriented software I've interacted with.

I'm not sure why one banking app not working would be a deal breaker (Can you not live without that specific banking app?) or why things being "digital-first" would be an issue (Are you talking about a government app not working?). The only people I think that it isn't practical for are those that need a specific dual factor authentication app for their job that doesn't work on it or someone that uses there phone for their business as a payment processor that requires an app that doesn't work on it. Otherwise it's kinda install it and forget about it, which is how I wish more privacy focused software worked.

> In my country, the state is enforcing a lot of essential workflows to be digital-first (and in extreme cases digital-exclusive) and I dread to think needing these services at a crticial moment and the choice of my OS making it impossible for me. This is more of a commentary on my government's choices but it's a reality for me.

If my country did this I would get a cheap used device for this purpose and keep it powered off. I refuse to carry a pocket spy for the sake of convenience. I find that it’s rarely an issue.

Another daily GrapheneOS driver here. I've kept banking apps off my phone anyway, and I do banking via desktop/website (I don't understand why people need to do banking 'on the go') and just use a physical credit card for tap payments when I'm out and about.

I do have older Android devices that I have run banking apps on, that I can revert to if necessary, but there's a fair bit of inconvenience I would be happy to endure to avoid being forced into that final option.

What I would recommend is a slow transition, and just start using it at home. If you have GrapheneOS on it's most paranoid settings (exploit protections) there will be exceptions you'll need to allow for a few apps.

I worried about that too, but jumped in and it hasn't been an issue at all in two years. Including three bank apps. And it's usually so easy to reset to vanilla Android if you need to that it shouldn't be your moat.

As someone who daily-drives GrapheneOS, there isn't a single app that I want to use that is broken. I don't see any reason to use regular Android.

We shouldn't install apps that use the Google Play Integrity or are closed-source in the first place. That's what I do.

The issues with GrapheneOS for me are:

1. They don't support rooting the OS. This is such a basic requirement for me. Why would I use an OS that doesn't let me do anything and everything with it?

2. They only support Google Pixel phones that don't have kill switches for the microphone, camera, radio and so on, as far as I know. GrapheneOS may be very secure, but nothing is 100% secure. Except cutting power to the mic. I'd be fine with physically removing the accelerometer and other sensors that can act as mics, even the mic itself. But newer phones are a bitch to open and close as they use glue instead of screws.

So right now I'm waiting for a Linux phone that's priced normally. I tried the PinePhone a couple of years ago, but it was an awful experience. Hopefully something comes soon. If not - I'll use my dumb phone.

I wonder if it would be feasible to build an automated phone-using robot, and access it remotely for any kind of apps enforcing that type of crap. There is really nothing they can do in terms of device attestation to prevent it.

I run GrapheneOS as a daily driver and slowly removed all proprietary software from my device by looking for FOSS alternatives on F-Droid. Luckily, I'm able to access banking and government in a web browser on a dedicated profile.

I do have a second Android device with a stock ROM that I keep turned off in a drawer in case I ever need to use an app that requires Play Integrity in an emergency.

I believe there is some support for the API although its not perfect.

You're blowing this entirely out of proportion. The vast vast majority of apps work without issue with sandboxed play services. Yes it's less plug and play than a stock os. No it's not a life-ending inconvenience.

> As much as I'd love to daily drive an OS like GrapheneOS

The Play Integrity shenanigans is mostly on app developers.

That said, good thing GrapheneOS will launch its own Android phone: https://discuss.grapheneos.org/d/27687-new-manufacturer-theo... / https://piunikaweb.com/2025/10/13/grapheneos-ending-pixel-ex... / https://www.androidauthority.com/grapheneos-phone-wait-or-bu...

Provided GrapheneOS is cleared by Google to launch it as an "Android" device. Given the kind of changes GrapheneOS packs, it may or may not meet Android's mandatory CCD (compatibility) requirements.

Is the app the only way to access what you need? I've never once install the app of any bank I've ever used (10ish) and never found myself wishing I had.

I've seen a couple of apps try to use Play Integrity, get blocked by GrapheneOS, and keep on running. Maybe I'm being locked out of something, but it's not something I use anyway.

Note that I don't use banking or government apps. If I bank online it's via the web.

but who says you have to limit yourself to one device? it's mildly inconvenient to carry more than one, sure, but the added benefit of an air gap between "serious business" and "personal life" is very much worth it, imo.