Louis: start a personal reference page

2026-06-20T00:38:08Z

start a personal reference page

New page

{{ombox|text=This is a personal page in {{BASEPAGENAME}}'s userspace, kept as a reference. It is not a wiki article.}}

Volkswagen's official smartphone app, which owners use for remote functions such as vehicle status, location, and charging,<ref name="vwservices" /> does not run normally on [[GrapheneOS]] or other alternative, de-Googled Android systems.<ref name="vwemail" /> In a support reply to an affected owner, Volkswagen stated that the app is ''"only supported on iOS devices and Android devices with supported operating system versions"'' and that on ''"alternative operating systems (so-called custom ROMs, e.g. GrapheneOS, LineageOS, or similar solutions)"'' the owner should expect ''"limitations or a lack of functionality,"'' because the app ''"relies on security-relevant system components and certified Android standards."''<ref name="vwemail" /> GrapheneOS keeps a locked bootloader and verified boot signed with its own keys, but it is not a Google-certified manufacturer image, the condition Google's [[Play Integrity API]] requires before it returns the device-integrity verdict an app can demand.<ref name="gverdicts" /><ref name="gosguide" />

==Background==

The Volkswagen app and the We Connect service expose Volkswagen Group's connected-car functions to the owner's phone, including vehicle status, parking location, and charging.<ref name="vwservices" />

The app block is the first-party-app counterpart to the [[Volkswagen Carnet API shutdown]], the change that began on May 27, 2026, in which Volkswagen Group cut off third-party software such as Home Assistant and evcc and routed vehicle-data access through an official Volkswagen Group app.<ref name="borncity" /> The two changes work from opposite sides of the same gate: the earlier one required a community client to authenticate through an official app,<ref name="borncity" /> and this one requires the owner's phone to pass Google's device attestation before the official app itself will run.<ref name="gverdicts" />

==Volkswagen's stated reason==

The episode is documented through Volkswagen's own support correspondence. Replying to an owner who reported that the Volkswagen app no longer worked on a GrapheneOS phone, Volkswagen attributed the restriction to security and to Android certification:

<blockquote>''"On devices on which alternative operating systems (so-called custom ROMs, e.g. GrapheneOS, LineageOS, or similar solutions) are installed, limitations or a lack of functionality of the Volkswagen app may occur. These systems are not part of the supported application environment of Volkswagen AG for the Volkswagen app, which is why we unfortunately cannot offer technical support in such cases. The reason for this is that the Volkswagen app relies on security-relevant system components and certified Android standards to ensure reliable and secure use of our digital services."''</blockquote><ref name="vwemail" />

[[File:VW-app-grapheneos-support-email.jpeg|thumb|center|upright=2.4|Volkswagen's support reply, reproduced on the GrapheneOS forum, tells an affected owner that on custom ROMs such as GrapheneOS and LineageOS the app may show limitations because it ''"relies on security-relevant system components and certified Android standards."''<ref name="vwemail" />]]

The certification the email points to does not measure how current a device's patches are. Google's device-integrity verdict certifies that the operating system is ''"a certified device manufacturer image"'' on a locked bootloader; only the separate, stricter strong-integrity verdict additionally requires that the device received security updates in the last year.<ref name="gverdicts" /> In practice the device-integrity check passes an older, unpatched but still factory-certified Android build, while a current GrapheneOS build, which is not a manufacturer image, does not produce that verdict.<ref name="gverdicts" />

==Device attestation and Play Integrity==

The check behind ''"certified Android standards"'' is remote device attestation. On Android the dominant implementation is Google's Play Integrity API, which Google describes as a way to confirm that requests come from a ''"genuine and certified Android device."''<ref name="gintegrity" /> When an app calls it, Google returns a device-integrity verdict in three tiers: ''MEETS_BASIC_INTEGRITY'', ''MEETS_DEVICE_INTEGRITY'', and ''MEETS_STRONG_INTEGRITY''.<ref name="gverdicts" /> An app server can refuse to act unless it sees the tier it demands.

[[File:Play-Integrity-device-verdict.png|thumb|center|upright=2.4|Google's Play Integrity documentation defines the ''MEETS_DEVICE_INTEGRITY'' verdict, which requires that the bootloader is locked and the loaded Android OS is ''"a certified device manufacturer image,"'' the condition GrapheneOS does not satisfy.<ref name="gverdicts" />]]

GrapheneOS is a hardened Android distribution that keeps a locked bootloader and verified boot, but it replaces the manufacturer's operating system with its own signed build. Because it is not a Google-licensed, factory-certified manufacturer image, it does not produce the ''MEETS_DEVICE_INTEGRITY'' verdict by default, regardless of how it is patched.<ref name="gverdicts" /><ref name="gosguide" />

==GrapheneOS's position==

The GrapheneOS project argues that excluding it is a business choice, not a security requirement, and that an app that wants a genuine hardware-backed guarantee already has a better tool. Its attestation compatibility guide says a developer can support GrapheneOS ''"by using the standard Android hardware attestation API and permitting our official release signing keys,"'' an approach the project describes as stronger than Play Integrity because it can ''"whitelist the keys of alternate operating systems."''<ref name="gosguide" /> The project states the reason apps decline to do so directly:

<blockquote>''"The only reason they aren't permitting it is because we do not license Google Mobile Services (GMS) and these apps are enforcing Google's business interests rather than security."''</blockquote><ref name="gosguide" />

[[File:GrapheneOS-attestation-guide-business-interests.png|thumb|center|upright=2.4|The GrapheneOS attestation compatibility guide states that apps blocking the system through Play Integrity do so because GrapheneOS does not license Google Mobile Services and ''"these apps are enforcing Google's business interests rather than security."''<ref name="gosguide" />]]

==Play Integrity lockouts beyond the Volkswagen app==

In May 2026, ''Android Authority'' reported GrapheneOS's warning that Google and Apple device checks are increasingly used to restrict alternative operating systems, describing the purpose of these systems, in the project's words, as ''"disallowing people from using hardware and software not approved by Apple or Google."''<ref name="androidauthority" /> The project put its own exclusion plainly:

<blockquote>''"Google's Play Integrity API bans using GrapheneOS despite it being far more secure than anything they permit."''</blockquote><ref name="androidauthority" />

A vendor-neutral alternative exists but is barely deployed. Unified Attestation, an open-source project led by Volla Systeme GmbH, presents itself as ''"a free, open-source alternative to Google Play Integrity"'' that an app can run alongside Google's own check.<ref name="uattest" /> GrapheneOS opposes that scheme as well, arguing it would replace Google's gatekeeping with a new vendor-managed allow-list rather than open access to any hardened operating system.<ref name="piunika" />

==See also==

*[[Volkswagen Carnet API shutdown]]
*[[Mazda DMCA takedown of open source Home Assistant app]]
*[[GrapheneOS]]
*[[Right to repair]]

==References==

<references>
<ref name="vwemail">{{Cite web |url=https://discuss.grapheneos.org/d/35949-volkswagen-app |title=Volkswagen App |publisher=GrapheneOS Discussion Forum |access-date=2026-06-19}} (thread in which an affected owner reproduces Volkswagen's support email verbatim).</ref>
<ref name="gintegrity">{{Cite web |url=https://developer.android.com/google/play/integrity/overview |title=Play Integrity API overview |publisher=Google, Android Developers |access-date=2026-06-19}}</ref>
<ref name="gverdicts">{{Cite web |url=https://developer.android.com/google/play/integrity/verdicts |title=Play Integrity API verdicts and device integrity field |publisher=Google, Android Developers |access-date=2026-06-19}}</ref>
<ref name="gosguide">{{Cite web |url=https://grapheneos.org/articles/attestation-compatibility-guide |title=Attestation compatibility guide |publisher=GrapheneOS |access-date=2026-06-19}}</ref>
<ref name="androidauthority">{{Cite web |url=https://www.androidauthority.com/grapheneos-google-apple-approved-devices-web-warning-3665319/ |title=GrapheneOS warns Google and Apple device checks are locking out alternative operating systems |last=Sharma |first=Adamya |publisher=Android Authority |date=2026-05-10 |access-date=2026-06-19}}</ref>
<ref name="uattest">{{Cite web |url=https://uattest.net/ |title=Unified Attestation |publisher=Volla Systeme GmbH |access-date=2026-06-19}}</ref>
<ref name="piunika">{{Cite web |url=https://piunikaweb.com/2026/03/10/grapheneos-calls-on-privacy-focused-app-developers-to-boycott-european-unified-attestation/ |title=GrapheneOS calls on privacy-focused app developers to boycott European Unified Attestation |publisher=PiunikaWeb |date=2026-03-10 |access-date=2026-06-19}}</ref>
<ref name="borncity">{{Cite web |url=https://borncity.com/blog/2026/05/29/vw-und-audi-sperren-api-schnittstelle-smart-home-blackout-seit-27-05-2026-teil-1/ |title=VW und Audi sperren API-Schnittstelle, Smart-Home-Blackout seit 27.05.2026 (Teil 1) |last=Born |first=Günter |publisher=Borncity |date=2026-05-29 |access-date=2026-06-19}}</ref>
<ref name="vwservices">{{Cite web |url=https://www.volkswagen.co.uk/en/connected-services/vw-connect-id.html |title=VW Connect ID. |publisher=Volkswagen UK |access-date=2026-06-19}}</ref>
</references>

User:Louis/Volkswagen app GrapheneOS lockout - Revision history

Louis: start a personal reference page