Looks like Google is making life more difficult for deGooglers
I haven't been able to update my cellphone anonymously with Aurora since January. Every time I try, Aurora errors out with "Oops, you are rate limited".
This isn't the first time Google plays at making non-normies' lives difficult. So I tried the usual tricks, updated Aurora, tried the nightly build, waited, tried again... for months - to no avail: Google just won't play ball this time.
Last week, Signal stopped working and demanded to be updated. Fortunately, Signal offers the APK as a normal download without having to get it from the hateful Google Play store.
Today, my home banking identificator app did the same thing and stopped working. I needed to make a payment right now, and I had no way to update the app: "Oops, you are rate limited". And my bank sure doesn't offer the APK outside of anything but the goddamn Google Play store.
So I relented and created a Google account. Which of course entailed giving Google a phone number. I sure didn't give them mine, so I phoned a friend abroad who doesn't care to ask him to receive the verification SMS on his phone and read out the code to me. Which worked long enough to set up 2FA and do away with phone numbers altogether. And finally, after an hour of fucking around, annoying other people and compromising their phone number, I could update my banking app and make my payment at last.
All that because Google has decided they want to control my phone.
Fuck Google.
Seriously, how they are allowed to hold the Android world hostage like this without getting their monopolistic ass Sherman'ed AT&T-style, I'll never know. It's long overdue.
Another solution would be downloading the APK from APKMirror. I believe all their APKs signatures are checked against the proper Play Store releases or something like that (don't quote me on that), but the baseline is that all their APKs should be pretty safe.
As much as I hate Google and the Play Store, I trust it more than third party app stores. APKPure, Aptoide, APKMirror... They all sound a bit sketchy to me. Because if you think about it, there's absolutely no way to verify that the APK files they serve haven't been diddled with, since the Google Play store doesn't give a file hash that would enable me to verify the file's signature independently. Not to mention, their apps have a knack for displaying obnoxious advertisement at full screen and full volume.
And even if I did trust them, do you find this normal? Why is Google allowed to make me jump through hoops and compromise my security with impunity?
This comment about the app signature should apply to your situation too, you can't mess with an APK and then sign it with the Google Play keys.
APKMirror is the most trustworthy website there is for APKs out there, if you do some research you will see that the community consensus is it being pretty safe.
I do however understand your concern, especially when talking about banking apps. Honestly now that I think about it, for a banking app I'd rather make a burner Google Account as well. For less sensitive apps however, APKMirror is the best non Google way to get their APKs.
About the app, I have no idea, I only ever used the website (with uBlock).
Obviously it sucks that you need a Google account to access all these apps "properly" through the Play Store, for free apps they should really just let you download them without an account.
Without mentioning that most of the time (and probably depending where you live) you won't find your banking app in there, nor in the Aurora Store usually.
I live in a Central American country where I simply can't find my banking app in Aurora Store or in APKMirror (or any of those sites), and when I search the app name in Google Play it's there, so I guess it has some kind of logic since the app uses anonymous Google accounts that are probably located in a country where it makes no sense that my banking app is there, I mean, why should my Central American banking app be shown in US for example?
If you log out of Aurora and use the "insecure" option you may have better luck. By default, Aurora's location is in France but the insecure log-in is where you or your vpn location is.
Interesting... I sort of assumed everybody in the world had the same view of the Google Play store. Like for instance, my bank has subsidiaries in many countries, and I can see all the national versions of their apps in the Play Store as well as in Aurora. But now that you mention it, it's possible that not everybody can download everything everywhere.
Although that seems quite wrong: what if you travel to, say, France or Italy, you need to update your banking app while you reside there and you can't see the app? That sounds like a recipe for disaster.
Then again, it's Google. They are kind of a giant disaster for millions of people who don't need their aggravation...
I suppose in the case where I'm using Google Play with a Google account, the most likely thing is that I'll be able to update without a problem because my account is in the country where the app is located, just that it's using the servers in the country where I live.
In the case of the Aurora store of APKMirror, well, I'm fucked, I guess the only think that I can do is use the website of my bank, that I suppose this will be the case in many banks, the interface and the overall experience is worse than that of the app.
To be honest, is just a shit that many, not to say all banking apps depend specifically on Google to work, it would not be a surprise to me that if I try to install my banking app extracting the APK for myself and then installing it on a deGoogled phone, the app will tell me that it requires Google to work or something like that.
Not necessarily. My bank's app for instance works perfectly well without Google Play Services. Quite surprising actually, and a relief that I don't need a separate non-deGoogled cellphone just to do my banking. You might be surprised that yours does too.
Try getting the app URL and opening that on your device because I found a lot of times that even apps that are not shown will show up if you use the direct link instead.
That's an interesting point I hadn't considered, some quick searching however shows that (at least some) German banking apps are on APKMirror.
I can't speak for other countries though.