Let’s say, I create a bank with the caveat that all of my banking phone apps and webapps are FOSS (or if they depend on non-free components — banks probably do to communicate with each other —, then just OSS). Am I going to be behind the competition by doing this?

If the most secure crypto algorithms are the ones that are public, can we ensure the security of a bank’s apps by publicizing it?

Are they not doing this because they secretly collect a lot of data (on top of your payment history because of the centralized nature of card payments) through these apps?

EDIT: Clarifying question: Is there a technical reason they don’t publicize their code or is it just purely corporate greed and nothing else?

  • ono@lemmy.ca
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    I don’t know of anything stopping banks from creating FOSS apps, but since it’s not their area of expertise, I think they’re more likely to license an app from a provider, and existing providers don’t have a compelling incentive to open-source their apps.

    If we want FOSS banking apps, I think the first and most important step would be legally requiring banks to provide standard APIs.

    • freedomPusher
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      If we want FOSS banking apps, I think the first and most important step would be legally requiring banks to provide standard APIs.

      Germany supposedly has an open standard banking API. I don’t know if it’s legally mandated but in principle its mere existence and acceptance by some banks would theoretically be sufficient to inspire FOSS apps. I vaguely recall that GNU Cash recognizes that standard… can anyone confirm?

      I don’t think I’ve seen any portable FOSS banking apps for any country in the F-Droid official repos. Which suggests that a standard open API may not be sufficient. Or perhaps I have something wrong here.