Android security updates - seeking suggestions

[Sriim]

I’ve been using a Realme 7 Pro since Nov 2020. It’s still on Android 12 and my last security update was October 5, 2022 — so almost 3 years without patches.

The phone is working well but I just got to know that running such an old security patch level carries serious risks, especially if the phone is used for mobile banking

My main questions:

1. Should I just buy a new device?
2. Or should I try unlocking the bootloader and flash a custom ROM to get monthly patches? (I have done it once on my first phone long back in 2014)

PS - I’m concerned about banking apps compatibility after bootloader unlock/root, even with Magisk fixes.

If you’ve used a custom ROM with banking apps, do share your experiences

Thanks in advance

 

[rajarancho]

Not only Banking apps, but even any nbfc apps also don't support rooted device. Even a basic app like Swiggy doesn't work. I suggest to get a new phone with atleast 3-4 yrs update.

 

[SSquad]

Check for Google system update in password and security.

Even though not same as a security patch, they fix vulnerabilities through this route to some extent.

 

[Dreams Of Desire 💓]

You can try but there are many hurdles.
Bhim yono doesn't work with anything.
And with the recent 16, play integrity workaround is not possible.
WIll advise to buy new one for headache-less functions.
Sbicard paytm phonpe bajaj roarbank works though.

 

[pratik077]

I am using coustom rom from 2 years, i didn't recomment you to install and use coustom rom.

Because nowadays using coustom rom with banking apps is very difficult.

You have to root for Play integrity spoof first > and then you have to hide root > and there is no 100% chances that every banking app will run after root hide > And I noticed that after hiding the root, some banking apps run for a few days and then detect the root again.

In short using banking apps on coustom rom is a very time consuming, difficult, frustrating, & not reliable task.

 

[rajarancho]

I am using coustom rom from 2 years, i didn't recomment you to install and use coustom rom.

Because nowadays coustom rom's are not passing Play integrity by default.

You have to root for Play integrity first > and then you have to hide root > and there is no 100% chances that every banking app will run after root hide > And I noticed that after hiding the root, some banking apps run for a few days and then detect the root again.

In short using banking apps on coustom rom is a very time consuming, difficult, frustrating, & not reliable task.

When you are getting samsung phones with 5 yrs updates for under 15k, better not to waste time on customer rom and rooting. Tomorrow if there is any security issues, the apps won't support recovery.

 

[Sriim]

Or are the security risks exaggerated? Can I keep using the same phone with legacy patch?

 

[wanderer0]

Or are the security risks exaggerated? Can I keep using the same phone with legacy patch?

Yes you can keep using it. Unless you're a high value target for the state or someone very important, no one is trying to exploit these in your phone. The cost of doing so outweighs the benefit. Most of the Indians don't update their phones and it's fine.

However soon most banking apps will stop working on android 12 so you'll need to buy a new one then anyway. Custom ROMs are very unreliable for everyday usage these days.