Comment by procaryote
11 hours ago
It's pretty easy to make up a reasonable sounding excuse for something you do for your own profit as a company. If they don't even provide any statistic on how frequent these scams are, it can be just words
Also, if your bank 2fa code is in your notifications, you should switch 2fa methods to something other than sms, or switch banks.
So we should just accept that all apps must treat android notifications as a compromised communication channel?
The scammers will find some other way to abuse the very generous permissions allowed by an android app if you prevent the notification attack.
> So we should just accept that all apps must treat android notifications as a compromised communication channel?
Look, that's an OS issue, not an app distribution issue. If I could use the trusted, vetted software from F-Droid I wouldn't need to worry about this sort of attack.