• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

DKB-TAN2go app on rooted device

Search This thread
Jan 14, 2021
5
0
I'm using termux to disable/enable magisk:

1. get the magisk app id from settings > apps > magiskmanager
2. install termux and termux widget https://github.com/termux/termux-widget#Setup-Instructions
3. install sudo from termux:
Code:
pkg install tsu
4. execute in termux after inserting your app id from 1.:
Code:
echo "sudo pm enable <MAGISKAPP ID>" > /data/data/com.termux/files/home/.shortcuts/magisk-enable
Code:
echo "sudo pm disable-user <MAGISKAPP ID>" > /data/data/com.termux/files/home/.shortcuts/magisk-disable
5. create a termux widget on the home screen
6. widget will show enable/disable for magisk

works with 2.7.3: disable before using, enable after using tan2go

(@dkb-devs: please don't kill this. We are not the bad guys, we're just trying to actually run SECURE devices that aren't closed source coming with spyware. Thank you!)
 

schmensch

New member
Jan 17, 2022
1
3
I wrote them this email (in German) containing partially Anger, partially Arguments on how were trying to secure our devices to make them more secure. It boils down to:

Why allow 5+ year old devices that received their latest security update years ago, but not devices used by professionals who want to make themselves more secure, and thus use a more secure version of Android:

Sehr geehrte DKB,

Ihre Tan2Go-App funktioniert leider nicht auf Android-Geräten mit entsperrtem Bootloader, da sie dies als "gefährliche Modifikation am Betriebssystem" ansieht.

Leider stimmt dies nicht, denn die Personen, die technisch affin genug sind, ihren Bootloader zu entsperren, meistens auch technisch affin genug sind, um ihr Gerät frei von Viren, Trojanern und anderer Schadsoftware zu halten.

Meist wird der Bootloader entsperrt um ein alternatives, auch auf Android aufbauendes Betriebssystem wie LineageOS, GrapheneOS, CalyxOS, ... zu installieren.

Die Ironie liegt darin, das diese Betriebssysteme deutlich sicherer sind als das Stock-Android, was auf vielen Geräten ausgeliefert wird, z. B. MIUI auf Xiaomi, da dies meist nur für ein paar Jahre Updates erhält und sehr viel Extra-Software enthält, die man nicht braucht und nur mehr Sicherheitslücken enthält je älter sie wird.

Warum erlauben sie die Tan2Go-App auf 5+ Jahre alten Geräten, die vor Ewigkeiten ihr letztes Sicheheits-Update hatten, nicht aber auf deutlich sicheren Betriebssystemen, die hauptsächlich von technisch affinen Personen benutzt werden?

Die DKB-Banking-App ist vom selben Problem getroffen, die neue DKB-App allerdings nicht.

Bitte nehmen sie diese unnötigen und sinnlosen Beschränkungen von der Tan2Go und DKB-Banking-App. Die neuere DKB-App (noch) nicht von dieser Illusion der Sicherheit befallen, bitte lassen sie es nicht so weit kommen.


--

Viele Grüße,

< My name here >


Edit: Probably won't change anything, but hey, at least I tried.
 

Top Liked Posts

  • There are no posts matching your filters.
  • 3
    I wrote them this email (in German) containing partially Anger, partially Arguments on how were trying to secure our devices to make them more secure. It boils down to:

    Why allow 5+ year old devices that received their latest security update years ago, but not devices used by professionals who want to make themselves more secure, and thus use a more secure version of Android:

    Sehr geehrte DKB,

    Ihre Tan2Go-App funktioniert leider nicht auf Android-Geräten mit entsperrtem Bootloader, da sie dies als "gefährliche Modifikation am Betriebssystem" ansieht.

    Leider stimmt dies nicht, denn die Personen, die technisch affin genug sind, ihren Bootloader zu entsperren, meistens auch technisch affin genug sind, um ihr Gerät frei von Viren, Trojanern und anderer Schadsoftware zu halten.

    Meist wird der Bootloader entsperrt um ein alternatives, auch auf Android aufbauendes Betriebssystem wie LineageOS, GrapheneOS, CalyxOS, ... zu installieren.

    Die Ironie liegt darin, das diese Betriebssysteme deutlich sicherer sind als das Stock-Android, was auf vielen Geräten ausgeliefert wird, z. B. MIUI auf Xiaomi, da dies meist nur für ein paar Jahre Updates erhält und sehr viel Extra-Software enthält, die man nicht braucht und nur mehr Sicherheitslücken enthält je älter sie wird.

    Warum erlauben sie die Tan2Go-App auf 5+ Jahre alten Geräten, die vor Ewigkeiten ihr letztes Sicheheits-Update hatten, nicht aber auf deutlich sicheren Betriebssystemen, die hauptsächlich von technisch affinen Personen benutzt werden?

    Die DKB-Banking-App ist vom selben Problem getroffen, die neue DKB-App allerdings nicht.

    Bitte nehmen sie diese unnötigen und sinnlosen Beschränkungen von der Tan2Go und DKB-Banking-App. Die neuere DKB-App (noch) nicht von dieser Illusion der Sicherheit befallen, bitte lassen sie es nicht so weit kommen.


    --

    Viele Grüße,

    < My name here >


    Edit: Probably won't change anything, but hey, at least I tried.
  • 9
    Here is a recipe that worked for me to get TAN2Go App running and receiving TANs + activating Visa secure on a Huawei P8 Lite with LineageOS 14.1. with using Island.

    It will only work, if you mobile number is already registered in DKB, because you have to receive an SMS.

    At some point you need to open an http link from the SMS via TAN2Go app on island. Since the SMS app did not work on island for me, I used a workaround using the contacts app.

    Some steps in the beginning, especially the factory reset might not be necessary, but this is what I did.

    0. Lineageos Factory reset (TWRP wipe)
    1. Install latest Magisk / Magisk Manager
    2. In Magisk Manager Settings, enable Magisk Hide, repackage the Magisk Manager Application
    3. Install DKB Banking App / Tan2Go / Island using Google Play Store
    4. Open repackaged Magisk Manager, hide DKB Banking App / Tan2Go / Island / Google Play Store
    5. Restart the Phone
    6. Open and configure Island
    7. Install / Clone Tan2Go app and DKB banking app from mainland to island
    8. Install / Clone the contacts app from mainland to island. You may now open it in island to check if it works and that you can create a contact.
    9. Deinstall the Tan2Go and DKB banking app app from your phone (the "mainland" versions!)
    10. Open Tan2Go "island" version, set new Password for the App.

    If this step does not work, using Island to bypass the protection may not work on your phone.
    You could try the Magisk Canary build, wait for a new Magisk version, or try a factory reset like I did.

    11. Tap on "Tan2Go erneut verknüpfen" (NOT the QR code, which worked for me only once), proceed to online banking. This will open DKB Banking App.

    The next steps are time-critical, because your session may expire. So read the steps first.

    12. Login with your banking credentials
    13. In the FAQ section open drop-down menu "Sie können derzeit keine TANs mit der DKB-TAN2go-App generieren?" and click the Link inside the text: "TAN2Go-Verwaltung"
    14. In the connected devices section, choose the device that you are currently holding in your hands and click "Password vergessen"

    The next steps are especially time-critical, but unfortunately may take some time to execute ;)
    Once you request the SMS, you got a time window that the SMS code is valid.

    15. On the next page click button "Neu verknüpfen per SMS" and then "SMS anfordern", receive the SMS, copy the link (or the full text if not possible)
    16. Open contacts inside Island, add a new contact, chose contact name, paste the link from SMS to "Website" section of the contact, save contact
    17. On the generated contact, click the website link, chose open with Tan2Go app
    18. (I had to re-set the Tan2Go password here for some reason)
    19. Copy the code "Freischaltcode"
    20. Go back to the DKB Banking App in mainland and enter the code. If you were to slow, repeat from step 10.
    21. You may now enable Visa secure in DKB Banking App.
    6
    I'm Not able to hide canary Manager. Always failed to hide it.
    Any Idea?

    Edit: Stop Play Protect in Google Playstore fixed it ;)

    Thanks, that helped.

    So for me the steps were:
    - uninstall old magisk
    - install latest canary (raw.githubusercontent.com/topjohnwu/magisk_files/canary/app-debug.apk)
    - disable play protect
    - hide magisk by repackage the name to Manager2
    - enable MagiskHide in the settings
    - hide tan2go in MagiskHide
    - re enable Play Protect

    I did not need to use "MagiskHide Props Config" to have fingerprint working.
    6
    >>> SUCCESS <<<

    Magisk Stable v23.0 + Riru v.25.4.4.r426 + LSPosed v1.3.5 + XPrivacyLua v1.30 + TAN2go v2.7.2 works!

    1. Install/activate each component.
    2. Apply MagiskHide to TAN2go.
    3. Tick TAN2go in the app level list of XPrivacyLua.
    4. Then tick the restrictions "Get applications", "Use analytics" and "Use tracking" in the permissions level list of XPrivacyLua.
    5. And TAN2go v2.7.2 works as expected!
    So far so good, only that damned Digitales Amt app still can not be made to work on my POCO X3 NFC with ArrowOS 11 + microG even with that kind of trickery (+ Riru-MomoHider with all 4 configs activated + flawless check with Magisk Detector). :unsure:
    6
    I can confirm that Magisk Canary works, both with the DKB Banking App as well as Tan2Go (latest, 2.6.0) including fingerprint support (and of course no Island/Shelter). The steps are described in this previous thread:

    Current link is: raw.githubusercontent.com/topjohnwu/magisk_files/canary/app-debug.apk
    (You can find this via github.com/topjohnwu/Magisk#downloads and select magisk manager Canary.)

    Steps I followed:
    1. Install Magisk Manager Canary
    2. Make sure Magisk Manager Update Channel is set to Canary
    3. Hide Magisk Manager
    4. Make sure Magisk Manager version is still canary (for me it reverted to normal version after hiding the first time, possibly because update channel was not set to canary)
    5. Install tan2go and DKB app
    6. Use Magisk Hide on tan2go and DKB app
    7. restart device
    8. Should work now

    Just a few caveats:
    1. I uninstalled Magisk and Magisk Manager (Stable) from my device, then reinstalled Canary
    2. I didn't know whether you also need to update Magisk itself (not the Manager). As I uninstalled it in the previous step I had to, but an update might be fine as well
    3. I am not sure whether you need those two steps, but might help if it doesn't work for you
    4. Be sure to enable MagiskHide in the settings
    5. You have to repackage Magisk under a different name, otherwise Tan2Go will detect it. I chose "Manager2", but seems like anything will be fine here
    6. Hide both DKB Banking as well as Tan2Go inside the MagiskHide settings (There is a small bar with 4 icons on the bottom, the second one should be a shield)
    7. Lastly go to the Modules section (puzzle icon, last on the bar), and install MagiskHide Props Config. I needed that one to enable fingerprint support
    8. Launch Tan2Go and be happy. For now at least, we'll see how long it lasts :)
    6
    SOLVED: DKB Tan2Go 2.4.0 works with Open Bootloader & Root

    DKB TAN2go works with Magisk:
    1. Install the TAN2go app (but don't open it)
    2. Add the TAN2go app in Magsik Manager in the menu "Magisk Hide"
    3. Reboot the phone (I don't know if this is necessary)
    4. Open TAN2go, works fine.

    **** DKB and this stupid security features which bring absoltuely no security.

    SOLVED: (on my Redmi Note 6 Pro with CrDroid Pie, GApps installed:)
    You are (nearly) right; the solution is described in the German Forum Android-hilfe.de for a similar Tan2Go-App from VR.... Original Text:
    - VR SecureGO deinstallieren
    - Magiskmanager deinstallieren
    - Magisk mit dem Magisk Uninstaller über TWRP deinstallieren -> reboot
    - Magisk 19 installieren TWRP
    - MagiskManager installieren ( auch die aktuellste beta, keine module aktivieren etc, alles lassen wies ist)
    - MagiskManager verstecken (repacking blablub), restart
    - VR SecureGo installieren aber nicht öffnen
    - Magisk Hide für VR SecureGo aktivieren, reboot
    leider crashte die App hier immer noch beim Start - also alles nochmal von vorn (#33)
    ... und dann #59
    im Magisk Hide-Bereich Apps (mit ALLEN Unterpunkten von VR SecureGo und Google Play-Dienste) neu ab/angewählt

    How-to;
    (Please, reboot sometimes while doing it:)

    - Remove your (DKB)Tan2Go-App.
    - Install NEWEST 19.1 Magisk via TWRP.
    - Install NEWEST Magisk Manager-App (via apk or Store.)
    - Reboot & Open Magisk Manager-App-Menu in the left corner above (The Hamburger)
    - Choose "Magisk Hide": >> Hide ALL the Google-Play-Services
    - Return to the Magisk-Hamburger-Menu: Settings/ Einstellungen >> Hide Magisk Manager (it changes to a similar name automatically)
    - Reboot & Install NOW your (DKB - Tan2Go-App 2.4.0, but DO NOT OPEN IT !!
    - Open Magisk Manager again >> Magisk Hide >> Hide the new downloaded DKB- TAN2GO-App. 2.4.0
    - (Reboot ?? &) Now you can open it; it should work now.


    Summary:
    So, the Trick is to hide via Magisk Manager All Google Services + your DKB-Tan2Go-App + the Magisk Manager himself.
    Yes, the Hiding-Program must be hided, too. :)

    Enjoy & have Fun!