it be like that sometimes

no, that’s a well known workaround, but the banking apps I used were just giving me a generic error, while yes they used google play integrity API, they weren’t enforcing it.

what it turns out is that they were checking for specific packages that come preinstalled with every copy of GOS, effectively blocking users of said operating system.

Luckily these packages aren’t essential and could be disabled by users, bypassing their checks.

this is one of many that they implemented, there are 3 other checks but it was easy to bypass those too without compromise.

as it stands right now, there is no clear benefit for me when it comes between choosing to bank on my browser vs just using the app while yea it does offer some fingerprinting resistance, I’d be still exposing my real IP address, otherwise the bank would flag any other IP address I’m using and will require me to verify myself.

I opted to run my banking apps in a separate profile without hiding behind anything while kewping my other profiles separate and behind proxies

good point, I’m leaning towards just changing the device model in the report and calling it a day.

I have to use it, its part of my daily life, but thank you for your response.

thank you so much, another thing I also missed when looking over the technical aspect of it, I’m saving this for future reference.

saving this reply for future reference, thanks!

didn’t know you could do that

I rarely use my email, the last time I did when I was unemployed to apply for jobs, the rest are emails I’m expecting from different services I use that regard 2FA or password rests.

I think I’ll be okay with not being HA though that is a valid concern I’ll be taking into account.

seeing the overall responses, I really do think that some people start with a terrible reputation based on their IP / domain.

or as you said, they just send spam.

I decided to take my chances anyway

actually that’s a good question, would be nice if I could maybe buy a domain and just purely receive and not send, would be beneficial for signing up to services and organizing them, something I’m willing to go with if the entirely self hosted route fails

It really depends on what you want to accomplish.

Data Control.

while yes I’ve degoogled myself, I’m not very satisfied with the services I tried out (Proton, Tutanota etc) they always have some sort of compromise or sometimes their businesses model is too good to be true (at least for me) and being able to dictate what I need and what I don’t + implementing privacy and / or security solutions according to my needs is a big benefit in my book, my threat model isn’t something that worries me, I just like having full control and combat mass surveillance.

Your self-hosted server will have downtime as well, some planned but also some unplanned.

Strongly agree with this point and I am very aware of this, after all my homelab setup isn’t Enterprise grade and I’m expecting a lot of issues but knowing my usage, I’m willing to take these compromises.

Thank you for this detailed post, I’ll take these things in mind when trying this out from a learning perspective.

yeah its something that seems to be splitting the community, some say that they haven’t had a single problem while others say its borderline impossible

the link is a great read, almost answers all of the questions I have.

but knowing myself I’d still attempt it to just learn something new ;)