Cake day: May 06, 2025


I don’t think so. From what I gathered, the only thing Play Services can see on GrapheneOS is the list of other apps you have installed. That’s it. They can’t see anything else unless you grant access to it. You’re not giving Google root access to your phone, you’re just installing an app that happens to be made by Google, and it’s locked down like everything else.


The threat level for Google Play Services is different in Graphene, as it runs in what they call an “appbox,” which basically means Google Play is just another app that’s sandboxed like everything else.


One thing I feel I haven’t properly understood is how notifications work. They said there are basically 3 ways of sending notifications on Android: FCM (Google’s system), WebSockets, and UnifiedPush. Most apps use FCM, so you need Play Services installed to get notifications, right?

How does that work through profiles though? Some commenter in this thread said you can forward them from another profile if that profile is running in the background? But what if I have Google Play Services installed on profile B but not profile A? Do I have to install them on every profile?

I may not fully understand how profiles work yet.


Yeah, as they said, most banking apps now work; however, Google Pay doesn’t.

There are alternatives to it like Curve Pay, but I haven’t researched whether they’re trustworthy enough. EU company, I think.


Yeah, I apologize. I incorrectly assumed that GrapheneOS’s BFU state is more secure and requires you to enter your passphrase by default and not a PIN, and that this is not available on stock Android, which some people pointed out it is.

On a related note though, Graphene does have an interesting feature where, if the phone hasn’t been unlocked for some time, it will force a reboot to get into that BFU state. Metroplex sets it to 8 hours.

I think they also have some aggressive USB port control, but I haven’t looked into it. Where you can only charge the phone in BFU state or something like that. Haven’t had time to read into it: https://grapheneos.org/features#usb-c-port-and-pogo-pins-control


Thanks for the in-depth answer, I think I will try installing Graphene today.

This can not only be turned off entirely in settings, but you can actually modify it on a per-network basis!

Oh nice! Makes it way more useful then, as I saw forum threads of people saying there’s no point in randomizing on your home network and it may cause issues.

GrapheneOS’s airplane mode disables the cellular radio entirely, whereas some OEMs don’t do that on their phones, even when you turn on airplane mode, meaning your cell provider could still triangulate your position regardless of if you have airplane mode on or off.

Did not know that, fascinating! Even Airplane mode is upgraded :D


Why GrapheneOS is Almost Impossible to Crack (Forensic Teams Have Tried)
I'm considering the switch to GrapheneOS, so I watched this interview with one of the members of the GrapheneOS team, and honestly, I feel it was a great general introduction to it and touched on common features and misconceptions. For those who don't know, it's one of the most secure and private mobile operating systems out there.

Some things that I took away:

1. They touched upon MAC randomization. I researched a bit on my own about what the need for it is. Apparently, it's standard practice to randomize MAC addresses when scanning WiFi connections. However, GrapheneOS (and Pixel firmware) are even better at this, as they make sure they don't leak any other identifiers when doing so. They also allow you to get a new random MAC for every connection that you make (not sure whether this is very useful, as this can cause problems). On a related note, even when WiFi/Bluetooth are "off," stock Android can still scan in the background to improve location accuracy (by matching visible networks/devices against Google's database). So basically, even with WiFi/Bluetooth off, Google still knows where you are. In GrapheneOS, this option is off by default.
2. They have their own reverse proxies that they use to talk to Google on your behalf when needed.
3. Apparently, in the USA you can be compelled to provide a fingerprint or Face ID. Courts have ruled this doesn't violate the 5th Amendment because it's physical, not testimonial. BUT you cannot be compelled to provide a password/PIN. That's considered testimonial evidence, protected by the 5th Amendment. GrapheneOS has a two-factor system where, after using your fingerprint, you still need to enter a PIN, so it helps with this. They also have a BFU state after reboot, which is the safest and requires you to enter your full passphrase.