Comment by TeMPOraL

> Only a tiny amount of apps force you into hardware attestation, and these are mostly around banking, mobile payments and the like.

I.e. the only ones that make the phone critical to daily lives of most poeple. Don't forget to add government applications, multimedia applications (DRM) and communications too.

And that's only going get worse, because every app seems to think they're most important. We're in the middle of the phase where every app tries to force strong MFA on users, despite most apps having no fucking business having this level of security. Banks are actually lagging behind toilet paper roll simulator apps nad stores selling hats for pets and such.

Wait when they're done that, leveraging attestation APIs will be next.