GrapheneOS explains why they still rely on Google Pixel phones, details banking apps & camera support

In the world of privacy-focused Android derivatives, GrapheneOS often stands as the gold standard for security hardening. However, the project has long faced a central paradox that confuses newcomers: the operating system meant to liberate users from Google’s data tracking is exclusively available on hardware manufactured by Google itself. In a recent in-depth interview with David Bombal, GrapheneOS community lead MetroPlex addressed this irony head-on, while also debunking persistent myths regarding banking app compatibility and camera quality on the platform, as well as hinting at when we can expect the rumored non-Pixel phone to arrive.

MetroPlex clarified that the project’s reliance on Google Pixel devices is not a matter of brand loyalty, but of hardware security architecture. While many assume an open-source OS could run on any Android device, the reality of modern mobile security is far more restrictive. According to MetroPlex, the Google Pixel lineup remains the “singular only current device offering full firmware alternate operating system support.”

This support is critical because it allows GrapheneOS to maintain the chain of trust from the hardware up. Unlike other custom ROMs that often require permanently compromising the device’s security model, GrapheneOS can relock the bootloader with its own signing keys. MetroPlex emphasized that this capability allows them to maintain the operating system’s integrity using verified boot. This hardware-level integration also powers the Auditor app, which uses the Titan M2 security chip to perform hardware attestation, ensuring the OS hasn’t been tampered with; a feat currently impossible to replicate securely on other manufacturers’ handsets.

Beyond the hardware philosophy, the interview tackled the practical “daily driver” concerns that keep many users from switching, specifically, the fear that banking apps will break. MetroPlex pushed back against the misconception that GrapheneOS renders a phone useless for finance. He noted that a vast majority of banking applications function perfectly fine, with some requiring a feature called “exploit compatibility mode” to relax certain memory hardening techniques that trip up poorly written apps.

While admitting that a niche 1% of apps enforcing strict Play Integrity API checks might fail, the team pointed to community resources like privsec.dev that track compatibility. For the most part, the notion that a GrapheneOS phone cannot handle mobile banking is largely outdated, thanks in part to the project’s sandboxed Google Play Services, which allow these apps to run without granting them invasive system-level privileges.

The final hurdle for many potential switchers is the camera. Google Pixel phones are renowned for their computational photography, and users often fear losing that image quality when moving to a custom OS. MetroPlex assured users that GrapheneOS has developed a compatibility layer that allows the official Google Pixel Camera app to function with full features, including Night Sight and AI processing, without needing the standard, invasive Play Services framework. Users can even toggle access to the Tensor processing unit for AI photo enhancements, ensuring that the privacy gains of the OS don’t come at the cost of photo quality.

You can watch the full interview below: