Volkswagen Bans GrapheneOS. Continues to Support Android 10.
8 July 2026 · ~4 min read
Volkswagen quietly updated its Android app to block GrapheneOS, logging out customers across the entire VW Group without warning. The stated reason is security. The app continues to work fine on Android 10, an operating system Google released in September 2019.
What happened
In late June and early July 2026, Volkswagen shipped an update to its Android app that removed support for GrapheneOS. The change wasn't limited to the Volkswagen-branded app — it hit every VW Group app, including Audi, SEAT, and Skoda's equivalents.
Affected users were logged out and found they could not log back in. There was no advance notice or public announcement from Volkswagen — customers only discovered the change when their app stopped working. When users complained, Volkswagen's response was that the app “relies on security-relevant system components and certified Android standards,” and that custom ROMs including GrapheneOS, LineageOS, and similar systems are not supported.
The justification doesn't hold up
The stated reason is security. But Volkswagen's own app continues to support Android 10 — a version of Android that is seven years old, no longer receives security patches from Google, and has known, unpatched vulnerabilities. GrapheneOS, by contrast, is actively audited, fully open-source, and received a security update just days before the ban took effect.
If the concern were genuinely about running on a verified, patched, secure platform, an actively maintained hardened OS should qualify more easily than a seven-year-old release with no ongoing support. The two positions are difficult to reconcile on security grounds alone.
What this means for GrapheneOS users
If you own a VW Group vehicle — Volkswagen, Audi, SEAT, or Skoda — and use the connected car app, it no longer works on GrapheneOS. The app is a connected car control app: remote start, climate control, charging management. It is not a banking app, and the failure mode is different.
Most banking apps work on GrapheneOS via Sandboxed Google Play because they rely on standard Play Integrity checks, which GrapheneOS passes. The VW app appears to run its own separate attestation check rather than relying on Play Integrity. If you're worried about your banking apps specifically, see our banking app compatibility guide.
The broader pattern
This is worth reading as context rather than conspiracy. A more secure, privacy-preserving OS gives a manufacturer less access to device telemetry and app behaviour data than an older, less restrictive one does. Whether or not that trade-off motivated this specific decision, it's a pattern worth naming: security justifications don't always align with what actually keeps a device secure.
The GrapheneOS team posted on X calling the justification nonsensical and encouraged affected users to leave one-star reviews and request refunds for lost functionality — including, in some cases, features like remote heat pump or air conditioning control that customers had paid for separately. That response — public reviews, refund requests — is the normal consumer mechanism for pushing back on a vendor decision like this.
Our position
The VW app currently does not work on GrapheneOS. If you own a connected VW Group vehicle and rely on the app, this is a genuine trade-off to weigh before switching. We always recommend customers check their specific app requirements before purchasing — this is exactly what our right-sizing consult is for. Most Australian banking apps, government apps, and everyday apps continue to work fine. This issue is specific to the VW Group connected car app.
Worried about your specific apps?
Book a right-sizing consult before you buy — we'll tell you honestly what works and what doesn't.