If the sideloaded app manages to hack HSBC and steal the customers money they are going to have a demand to refund the customer a bunch of money. I can understand their position.
I understand that, but the thing I've never understood is that banking apps only care about meaningless measurements like whether a device passes Play Integrity. I have a tablet that passes Play Integrity but is also over 6 years behind on security updates. That device should not be allowed to run banking apps.
Why not refuse to run on devices that don't have current security updates? How useful is Play Integrity actually for avoiding these types of problems?
