Ask HN: How to emulate a smartphone on a computer for banking apps?

33 点作者 kome9 个月前

Until 2021, I never had a smartphone. While the "app" revolution unfolded around me, I happily stuck to using the internet on my computer. I navigated new cities by intuition, rarely asking for directions, relying on my good sense of direction. That changed when a European directive forced banks to require two-factor authentication, leaving me no choice but to get a smartphone. I bought a cheap one. Over time, I found myself using it for trivial things, like checking Twitter on the tram—moments of contemplation turned into information overload. Sure, having a map or buying a ticket on the fly is practical sometimes, but it hasn’t improved my life overall. Long story short, I've decided to remove the phone from my life again.If I’m writing here, it’s because I need some ideas. Before buying a phone, I tried installing the banking app on an Android emulator (BlueStacks). However, the app recognized the emulator wasn’t a real phone and refused to work. My question is: how can I emulate a real phone on a computer? Does anyone have experience or references on this? It would be great to build a collection of ideas and references here in the comments that could be easily found by search engines for others with the same problem.In summary: Have you ever done something similar? Any suggestions, ideas, or hacks?

25 条评论

riedel9 个月前

Even with a Smartphone you will have a terrible experience if you do not use stock vendor software. On a custom rom one needs to install zygisk modules [0] to get around the play integrity madness (before that safetynet). As this still dies not rely in Hardware attestation it could works in emulators, too. What we need are court rouling against this ! Banks actually force us to give our data and sell souls to Google an Apple.[0] <a href="https://github.com/chiteroman/PlayIntegrityFix/releases">https://github.com/chiteroman/PlayIntegrityFix/releases</a>Edit: seemingly PoCs exist : <a href="https://xdaforums.com/t/poc-safetynet-bypass-for-emulators.4607061/" rel="nofollow">https://xdaforums.com/t/poc-safetynet-bypass-for-emulators.4...</a>

评论 #41347823 未加载

评论 #41313347 未加载

评论 #41336722 未加载

qazxcvbnmlp9 个月前

Take a phone and glue it to a large sheet of plywood. You won’t mindlessly scroll when you have an awkward experience trying to use the phone.- If you’re trying to solve the problem of phone being too addictive, make it less addictive. Delete twitter, setup your life around you so that it’s not focused around responding promptly to people. Intentionally don’t connect to WiFi and limit the speed to 2G.I can’t speak for Europe, but here in the USA it’s still very practical to create a life without a phone.

评论 #41312625 未加载

评论 #41312830 未加载

评论 #41336725 未加载

thedailymail9 个月前

I just bought my first cell phone ever last weekend, for exactly the reasons you describe: my bank (in Japan) stopped letting me log in to my online account without 2FA, which can only be received as SMS. I don't need or want a phone, don't use any of the apps, but I still had to purchase one and pay the monthly subscription in order to access my bank account.boo

评论 #41343926 未加载

评论 #41321209 未加载

thorin9 个月前

I've never used a banking app, always use the browser version. It just seems like something else to worry about, I don't do much banking really. Barclays uk have their own 2fa pinsentry, my other accounts use sms which is usable with the dumb phone my dad has.

评论 #41313613 未加载

whalesalad9 个月前

It's easier to remove unwanted apps from the device and work on your self-control than it is to do what you are describing. A lot of banking apps won't work on a rooted phone, for instance. I'd imagine you will have similar problems in a simulator. Just keep a burner phone with minimal shit installed.As for 2FA, there are plenty of devices that can do this without a phone/SMS. I use 1password for 2FA across all my devices (laptop, desktop, phone).

yesfitz9 个月前

Some banks offer independent physical two-factor authentication devices.ING: <a href="https://www.ing.nl/particulier/digitaal-bankieren/mijn-ing/scanner-aanvragen" rel="nofollow">https://www.ing.nl/particulier/digitaal-bankieren/mijn-ing/s...</a> HSBC: <a href="https://www.expat.hsbc.com/ways-to-bank/online/secure-key-faqs/#gettingstarted" rel="nofollow">https://www.expat.hsbc.com/ways-to-bank/online/secure-key-fa...</a> Bank of America: <a href="https://www.bankofamerica.com/security-center/online-mobile-banking-privacy/usb-security-key/" rel="nofollow">https://www.bankofamerica.com/security-center/online-mobile-...</a>It may be easier to switch banks to one with a supported solution that fits your lifestyle than rely on a workaround that would raise suspicion. And you'd be voting with your wallet.

评论 #41314722 未加载

deivid9 个月前

I changed banks to one that supports "e.dentifier" -- a physical 2fa device. Unsure for how long it will be supported, as they are pushing the app quite heavily

goldfishgold9 个月前

Maybe try downloading android studio and setting up a phone in there. It will have access to the real Google play store.

pomatic9 个月前

This bothers me too - I would really prefer not to have to have a phone to interact in society. Phone farms have the technology to solve the problem you have - it's graceless, but it is an answer - essentially reducing things to servo-driven interactions with a phone.

评论 #41312813 未加载

SnorkelTan9 个月前

Banking is one of the domains where you will encounter the bleeding edge of sophisticated bot/malware detection. Banks lose billions to fraud and theft. They will pay top dollar to detect and prevent it. Likewise, since the thieves can make so much money bypassing it, they will in turn be extremely sophisticated with their attacks. In short, you’re going to have a bad time. The easiest suggestion mentioned here is to buy a cheap phone and only use it for banking.Additionally, most scammers don’t even bother trying to emulate phone platforms. It’s easier to buy lots of phones and install custom software that allows a bot farm to remote control it.

Scharkenberg9 个月前

You could hope that Android Studio's emulator / modded Waydroid or WSA would work for a while. At most you'd be buying time. Seriously, just keep the phone and fix your own unwanted habits instead. You'd be wasting your time fighting the checks and blocks they have put in place. At some point strict hardware attestation will be both very strong and ubiquitous enough that it will be impossible to run apps with high security requirements in custom environments. Google and Apple have no incentive to let loose either, unless they are forced to, which I unfortunately don't see happening.

评论 #41313288 未加载

jiehong9 个月前

I tried a bit of the opposite: replacing the computer with a tablet that can run those apps directly.I eventually found tablets too limited in what I can do with them (like an iPad in my case).A weird non-solution could be something like keeping your smartphone, but use the mirroring function on your laptop (Apple just announced this on Mac OS to mirror an iPhone).This makes me think: while developing on Mac OS for the iPhone, one can run an emulator to check the app. Could that emulator be used with a shipped app? (Assuming you can even get the app itself from the store). I have no experience in that area.

vednig9 个月前

There are a few ways to bypass the usage 1. Try our ChromeOS or Chromebook It supports android app via Play Store 2. Try dual boot using androidx86 projectSince, hardware limitations, options seem pretty much restrictive

jdsnape9 个月前

I think the best approach would be to enroll the device in a MDM solution such as jamf. You can use this to apply very granular restrictions to what apps or websites can be used, and if you set a complex passphrase then you can’t just log in and reduce the restrictions.I started down this path, but unfortunately I’d already been using the device and it was tricky to migrate data like photos/contacts onto the restricted device.

nytesky9 个月前

Get a cheap android phone and put a metered data service on it like Tello ($6 month for 1G and 200 SMS). Then leave it at your desk like PP said.You might get by with WiFi service and a Google voice number, but many banks only trust real cell numbers and don’t work with VOIP numbers annoyingly.

eubankcustomer9 个月前

I'm a bank customer in the EU without a smartphone. I have a dumb phone (think Nokia) and the bank will happily send me a traditional SMS for two factor validation, when required. Works everytime and no need for a smart phone at all.

评论 #41351599 未加载

junar9 个月前

If you already have your phone, why not just leave your phone where your computer is?

Jeremy10269 个月前

If you are just trying to get a 2FA code, you can generate them. You could use something like <a href="https://github.com/rsc/2fa">https://github.com/rsc/2fa</a> on your command line.

评论 #41312060 未加载

jazz9k9 个月前

You will need to use Frida to avoid root checks if you are going to go the emulator route.

mensetmanusman9 个月前

You can attach a mouse, keyboard, and a monitor to an iPhone.Might be worth trying like that?

sfmz9 个月前

Windows Subsystem for Android might work better than an emulator.

SoftTalker9 个月前

Find a different bank.

khobragade9 个月前

I haven't been able to do that too, but, here's my experience regarding smartphone use--When I was using an Android, I'd go to accessibility settings and turn the display grayscale. It felt so /tasteless/. Like food without salt. And my smartphone use went down.When I switched to iOS, I deliberately chose the little SE 2020 edition with a terrible battery so I wouldn't use it much and it has worked. I still click a lot of pictures, use the banking apps, whatsapp here and there, readonly email access but haven't been wasting time on it and it makes me happy :DIn fact my first smartphone ever was a BlackBerry Q10 (in 2018!), deliberately chosen to not get into smartphone addiction.By the way, kome, would you please get in touch with me? My email's in the bio. I'd love to chat with you about your time prior to having a smartphone :)

评论 #41314287 未加载

floydnoel9 个月前

i would try to get a tablet or ipad. you can still use the apps you need, but it won’t fit in your pocket.

solardev9 个月前

Can it work through Browserstack?