AdguardForAndroid icon indicating copy to clipboard operation
AdguardForAndroid copied to clipboard

Published 20 hours ago verified publisher icon AdguardTeam

Banking app "Iris" detects adguard certificate and flags it as dangerous

Open Shockshwat opened this issue 1 year ago • 8 comments

Please answer the following questions for yourself before submitting an issue.

  • [X] I am running the latest version
  • [X] I checked the documentation and found no answer
  • [X] I checked to make sure that this issue has not already been filed

AdGuard version

Nightly 40

Environment

- OS: Android 10
- Device: Redmi note 8 Pro 
- Firmware: MIUI

Root access

  • [ ] Yes, I have it.

What filters do you have enabled?

AdGuard Base filter, AdGuard Mobile Ads filter

What Stealth Mode options do you have enabled?

No response

Issue Details

Steps to repr oduce:

  1. Open Iris by yes bank
  2. The app throws an error of invalid certificate

Expected Behavior

The app should work as normal

Actual Behavior

The app reports the certificate and closes

Screenshots

Screenshot 1:

image

Additional Information

No response

Shockshwat avatar Dec 11 '23 07:12 Shockshwat

Yikes. I hope other apps don't do this

infinitewaveparticle avatar Dec 27 '23 12:12 infinitewaveparticle

@Shockshwat for banking apps often has certificate pinning, which prevents the app from working in conjunction with AdGuard. In the next updates, we will exclude filtering for Iris bank app.

As a temporary solution, you can exclude filtering manually using App Management for the bank app

maxikuzmin avatar Dec 28 '23 14:12 maxikuzmin

@maxikuzmin I have excluded iris app from adguard filtering, Previously the app showed that your device is connected to a VPN and your data might not be secure so i had to exclude it, Now it shows the invalid certificate error.

Shockshwat avatar Dec 28 '23 15:12 Shockshwat

@Shockshwat could you please clarify how you excluded the app from filtering?

maxikuzmin avatar Dec 28 '23 17:12 maxikuzmin

@maxikuzmin I got to app management, clicked the app and then turned off Route Traffic Through Adguard

Shockshwat avatar Dec 28 '23 18:12 Shockshwat

It sounds like the app is querying the User certificate storage and denying use of the app with an unknown certificate installed. This is not good.

Sent from Proton Mail mobile

-------- Original Message -------- On Dec 28, 2023, 1:50 PM, Shockshwat wrote:

@.***(https://github.com/maxikuzmin) I got to app management, clicked the app and then turned off Route Traffic Through Adguard

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you commented.Message ID: @.***>

infinitewaveparticle avatar Dec 28 '23 19:12 infinitewaveparticle

@Shockshwat we will fix this issue in the next updates

maxikuzmin avatar Jan 09 '24 17:01 maxikuzmin

Unfortunately, Iris by YES bank app use direct checking of user installed certificates and this not related specific to AdGuard app. For now there's no fix for this and excluding app from Ad Blocking and even uninstalling AdGuard app wouldn't help you. Only way to use Iris by YES app is to delete all installed user certificates on your device (as app suggest on welcome screen), but this would lead to AdGuard app not work properly with https filtering. You can use AdGuard that way, but without https filtering.

Iris by YES app developer need to allow user certificates to be installed on device, since Android system already doesn't trust this type of certificates when routing traffic and additional check from Iris by YES app doesn't really needed for your security.

We're already contacted bank app developer to update its app to allow user certificates, as soon they fix this on their side, we would add app to our exceptions.

Proxwian avatar Jan 11 '24 09:01 Proxwian