by mzajc 128 days ago
From what I've gathered, they've decided to make this completely unusable without a Google- or Apple-approved smartphone. Horrible! Are individual banks even allowed to make that an option for clients? Though even if they are, I doubt any will.

I would LOVE a PayPal alternative, but this is just not it.

--

From https://support.wero-wallet.eu/hc/en-us/articles/25599074240...:

> It is not possible to use Wero via a web browser or on a computer.

7 comments

Your link is broken for me.

From https://support.wero-wallet.eu/hc/en-us/articles/25599098295... it seems they don't even support phones with developer settings turned on, much less custom ROMs, rooted or jailbroken phones.

And Android will actually turn off certified state if you install open source apps that were not signed by a registered developer.
Oh yeah that's a complete deal-breaker. I always have developer options on and I always will. Ridiculous.

And yes there should be a web/desktop option. I don't understand why this was made so crap

It works on a Pixel 6a with GrapheneOS.
If it works, it's by happenstance not officially. According to the link above (official FAQ):

> If the operating system is an Android variant (also called a 'custom ROM'), such as LineageOS or Pixel Experience, then the wero app can’t be installed for security reasons.

As long as it works on a degoogled Android phone I'm fine with it. Maybe someone in the supported countries with a GrapheneOS or /e/OS phone can confirm?

Edit: for some banks it will just forward to the bank's app. So most likely it works as long as your bank supports degoogled Android, similar to how iDEAL + Tikkie works on degoogled Android with most Dutch banks.

I should've been clearer - by Google-approved, I meant that your device has to pass Google's remote attestation scheme. From https://support.wero-wallet.eu/hc/en-us/articles/25599098295...:

> I’m seeing this error message: "Your device does not meet our security requirements".

> /../ If the operating system is an Android variant (also called a 'custom ROM'), such as LineageOS or Pixel Experience, then the wero app can’t be installed for security reasons.

The thing is, with most banks you aren't even allowed to use the Wero app that has this Play Integrity restriction. The banks integrate Wero directly into their own apps. So it's mostly up to your bank.
It does not say anything about remote attestation, only rooted/unlocked phones. Most likely it works fine if you run GrapheneOS with a locked bootloader.

Many European banking apps work on degoogled Android like GrapheneOS or /e/OS fine, as long as you have locked the bootloader and USB debugging disabled.

Ah, so this EU wallet is only usable after US companies bless my device? Outstanding move!
This is not a wallet (the name is a bit confusing). Wero (like iDEAL, which it is partly based on), is an online payment system directly backed by your bank account. This is an app that uses the Wero system for doing P2P payments (like Tikkie in The Netherlands).

Most likely, Wero (like iDEAL) will also support alternative apps for P2P payments.

Also, Wero will support in-store payments in the future, making Google Pay/Apple Pay unnecessary [1], which is a big win.

[1] Strictly speaking it's unnecessary now as well, but then each bank needs to implement its own NFC app and most simply opt for Google/Apple Pay.

I think most/many banks had their own NFC tap-to-pay solution before Google/Apple Pay came along. Any idea why the banks chose to give that up?
On Smartcards yes, maybe Android, but certainly not on iPhones. On iOS, it's only been possible to implement alternatives to Apple Pay since 17.4 (2024), and only in Europe (EEA).
Ah, I didn't realize the landscape was different on the Apple side of things.
Because it cost money to develop and Google/Apple Pay works really, really well everywhere on the planet.
But they already had their own solutions that worked just fine. I can't see how switching to integrate a new system instead would save on dev costs. There surely must be some other reason?
I think this is more about fees than sovereignty.
It can be both, the plumbing is straightforward, simply a matter of will to implement. UPI in India, Pix in Brazil, FedNow in the US, etc. Trimmings are things like paying via QR code and alias support (phone, email IDs). Pix had native alias support, Wero is alias support on top of SEPA Instant payment rails (with a ~ten second settlement SLA).

This gets you to utility cost recovery fee structures and sovereignty over your payment infra, versus other countries controlling your value transfer capabilities.

https://en.wikipedia.org/wiki/Instant_payment

https://en.wikipedia.org/wiki/Wero_(payment)

https://en.wikipedia.org/wiki/Single_Euro_Payments_Area

https://www.ecb.europa.eu/paym/retail/instant_payments/html/...

I'm using my bank's app on a fully de-googlised LineageOS (no MicroG) and Wero works.

But with another bank, when I had to install the Wero app, it didn't work at all.

Oh, awesome, thanks. For someone like me who does not own a phone, this is valuable information. Now I know that I don't have to waste my time looking into this.
That link is broken for me. I would like clarity if they support AOSP devices. That would be a meaningful departure from the status quo.
Thanks. Android 9 is the lowest they go version wise (which is ancient, 2018) but they don't say anything about Google requirements which is the real barrier.
This is a regulatory thing, devices used for instant payments should be somehow attested and be authenticated (or be a physical device the bank issued, e.g. your card).

It’s a difficult thing, we don’t want to have to force smartphone choices but the number of users without one of these devices is so vanishingly small it’s very difficult to change the legislation in order to support them too.

I think the happy middle ground is making this system also work with bank issued cards.

This is not true. Many European bank apps allow instant payments and work without Google's remote attestation. They typically require a locked bootloader. I am in The Netherlands, use GrapheneOS and do instant payments all the time.

(GrapheneOS does support remote attestation, but the app needs to add their verified boot key fingerprints.)

Which bank? I work in this space for a large european bank and we wouldn’t be able to do this.
My Volksbank app here in Germany just wants a locked bootloader and no root. Works fine with microG. It's the reason I will never move!

Though the Sparkasse is the same actually, unsure about the other German banks.

This is great news if it’s true, these regulations are so hazy it’s maddening. Even tho I’m being downvoted I am actually on the side of removing these barriers I was just sharing what I was made to understand by my bank. shrug
All Dutch banks for example? I do instant online payments and P2P payments all the time with a degoogled phone. My VISA credit card app (ICS) also works fine.
You mean via your bank's web interface? Or via some tap to pay interface?

What I mean is can you use this to pick up a slab of beer in Albert Heijn, or just to transfer some cash to a friend or such?

I can't pick up a slab of beer at Albert Heijn because it requires Google Pay. But some banks (I think Rabobank) have their own NFC app and then it works fine.

But instant online iDEAL payments etc. work fine. Person to person payments using Tikkie/betaalverzoek as well.

Put differently, I never use my bank's web interface, only the phone app.

I don't see why a smartphone plus NFC-enabled token device wouldn't work within the regulation. We should go that way (or any way decoupling Google & Co. from it), because we should be prepared for US companies to be forced to act unreasonably by an unreasonable leader.
There's technical possibility and then real world practicality.

For the same reason, a pure WebAuthn flow in a compliant browser could technically implement secure payment confirmation mandated by the DSP, but afaik no bank does that, and the W3C is still working on the spec.

Our governments can't even manage not to depend on Microsoft/Google/AWS (and Palantir, the US military industrial complex, Israel, ...), our banks are regularly under the fire of extraterritorial bullshit due to the USD dependence.

Being worried about consumer devices and their OS is cute, but it's missing the forest for the trees.

I agree, I’m not saying it’s totally correct or there aren’t answers, but those are the current rules at least in my bank.

Instant payments bypass typical surveillance and fraud systems and so need some kind of authentication, if you don’t want to 2fa every time you’re at the checkout then the application has to have been previously authenticated (e.g. set up with some kinda TAN from your bank) and execute on an attested device. We can def extend attestation to other devices (e.g. is the kernel modified, does the app have reasonable version and checksums etc) but again, who is gonna fund that for 10 users?

edit: We have a long road to go before this stuff gets better, I think we should be happy at each step instead of really wishing we were already at the finish.

Then I'll unfortunately have to continue paying the PayPal tax - apparently they have no issues running in any browser of my choice.

> I think the happy middle ground is making this system also work with bank issued cards.

That wouldn't let me pay online.

That’s authenticated and 2fa’d, so it doesn’t have the same use case as a tap to pay system, though. I’m not defending these choices, but there is a reality here.
> we don’t want to have to force smartphone choices but the number of users without one of these devices is so vanishingly small

You are missing the point. The issue is that once the "vanishingly small" number of alternatives disappears, users will be completely trapped, and Google and Apple will then be free to abuse that position of power (they already do). Worse, since power is centralized, it is very easy for government interference to take place, and we already see that with things such as identity and age verification requirements. It is the possibility of competition that matters more than actual competition.

Aren’t your problems solved by carrying a bit of plastic issued by your bank? Why isn’t that enough?
This "digital wallet" is precisely touted as an alternative to carrying plastic.
We really should try to understand your mentality, if only to understand why after 27 years the EU still doesn't have a PayPal alternative.
Because we don’t need it. The US banking system for example is fairly archaic. Where I live, paper checks went extinct about 30 years ago. Now with SEPA, bank transfers are cheap (cents), fast (seconds) and easy (IBAN). If our banking system would not be as convenient, I’m pretty sure something like PayPal would have been very popular.
So is it really just that simple? A lack of understanding what Paypal even is?
Oh, you will understand. When, besides your bank, half of the planet will know about your shopping habits.

The device called "Smartphone" is only used to collect every possible detail about your life. The smart thing on a "Smartphone" is that, besides your bank, a lot of other "vendors" have access (not only) to your financial information.