Let’s say, I create a bank with the caveat that all of my banking phone apps and webapps are FOSS (or if they depend on non-free components — banks probably do to communicate with each other —, then just OSS). Am I going to be behind the competition by doing this?
If the most secure crypto algorithms are the ones that are public, can we ensure the security of a bank’s apps by publicizing it?
Are they not doing this because they secretly collect a lot of data (on top of your payment history because of the centralized nature of card payments) through these apps?
EDIT: Clarifying question: Is there a technical reason they don’t publicize their code or is it just purely corporate greed and nothing else?
As long as the bank has a good API, there’s nothing stopping anyone except money.
There is a cost to making a good app. And banks have no incentive to open source their current apps - if it’s any good it’s a competitive advantage.
For example - I’m currently using a bank because their app is awesomely good (compared to other banks). Why would they open source it - it means customers might go to other banks who do better on interest rates, or fees.