It’s almost already like this. In my country every single bank reinvented the wheel by creating a single purpose app which does what aegis does (otp generation from a seed) but with some bits changed (one for example “encrypted” the seed with ROT13) and with draconian measures like bootloader must be locked, adb must be disabled, and are using literal exploits to see if you have “forbidden” directories on /sdcard like/sdcard/magisk even if no file access is granted
It’s almost already like this. In my country every single bank reinvented the wheel by creating a single purpose app which does what aegis does (otp generation from a seed) but with some bits changed (one for example “encrypted” the seed with ROT13) and with draconian measures like bootloader must be locked, adb must be disabled, and are using literal exploits to see if you have “forbidden” directories on /sdcard like/sdcard/magisk even if no file access is granted