Let’s say, I create a bank with the caveat that all of my banking phone apps and webapps are FOSS (or if they depend on non-free components — banks probably do to communicate with each other —, then just OSS). Am I going to be behind the competition by doing this?
If the most secure crypto algorithms are the ones that are public, can we ensure the security of a bank’s apps by publicizing it?
Are they not doing this because they secretly collect a lot of data (on top of your payment history because of the centralized nature of card payments) through these apps?
EDIT: Clarifying question: Is there a technical reason they don’t publicize their code or is it just purely corporate greed and nothing else?
Indeed they wouldn’t because most consumers are pushovers, willing to fetch and run any garbage non-free software and willing to share sensitive data with Google in the process. So there’s no reason to offer a FOSS option – as people are not demanding it.
I am one of the very few who demand FOSS. I will not run a non-free app (esp. banking) and I will not create a Google account to reach their exclusive playstore. And now that bank’s web services have started going to shit (blocking tor, reducing web features or simply being shut down to force people to use the phone apps), I’ve gone analog. If a critical mass of consumers were to do the same and stand up for themselves, banks would be forced to do the right thing. But they are not. Ethical consumers are too small of a group to be worth getting business from.