I cannot sign into my bank that uses app links (links that start with app://) brave doesn’t work at all and I cannot get it working.
This issue here describes the problem other apps are having, so I am assuming that this issue is happening across all Brave devices for Android.
I try and open an app that uses app links such as BankID(Android App) and I cannot open the app link even through the BankID test page Brave fails to open the app.
This means I cannot manage my bank account because Brave is broken and doesn’t open external app links.
Solution: a recent Brave update added a new Privacy setting called “Allow app links to open in apps outside of Brave”. Foolishly, the developers decided to have this new setting default to “Off”, which effectively disables Brave’s ability to open external app links.
Just find this setting and turn it On, and you should be good to go.
I changed the setting and it didn’t make a difference. Clicking in the links doesn’t open any app (Google Maps, Phone,…). Quite irritating, to say the least.
Apologies, but are we all upset here because the feature that allows users to open links from within Brave in 3rd party apps — apps that may share your data/activity/etc — is turned off by default?
This feature doesn’t (or at least it shouldn’t) “break” anything, it just stops you from opening 3rd party applications unintentionally so that you don’t end up sending/sharing your private information with them — one of the reasons I am assuming you’re using Brave to begin with.
If we were to turn this “on” by default, we would have a thread similar to this, asking us “how we could possibly allow a user to unwittingly share their data with third party apps from Brave by default”. Any time there is a choice between having any feature on/off by default, there is always going to be some cohort of users who want the opposite of what you chose to be implemented.
In this particular instance, I think that keeping data contained in Brave by default is the right choice to make — if you want to have links open in external apps, simply go to Settings --> Brave Shields & Privacy and toggle it on (that’s three total taps) and you’re off to the races.
Yes, I guess I can understand what you’re saying about the security downsides of having that new setting default to “On”, especially since Brave is touted as a security/privacy-centric product.
However, I think a “best of both worlds” solution would have been to simply add a one-time pop-up message that appeared after the update, something like:
In this update, we have added a new Privacy setting “Allow app links to open in apps outside of Brave”, which defaults to Off. If you want to (re)enable external app links, you will need to manually change this new setting to On.
Obviously, the way you decided to implement this new setting has caused headaches and/or befuddlement for a lot of users, as evidenced by the sheer number of posts here (and elsewhere on the internet). I hope you haven’t lost too many users because of it. Brave is a great product.
Thank you for your prompt response. I concur with the rationale behind disabling the feature that allows external app links to open by default, as it aligns with Brave’s focus on user security and data privacy. However, I believe the current implementation may not be entirely user-friendly or practical for those who require the use of such deep links.
While I understand that the feature can be manually enabled through the settings, this approach lacks granularity in user control. It exposes the user to all deep links without discrimination, which could be a security concern.
I propose a more nuanced approach: keep the feature disabled by default but prompt the user with a choice when a deep link is encountered. This would allow users to selectively enable deep links from trusted sources by adding them to a whitelist. This compromise maintains the default security posture while providing users the flexibility to interact with trusted third-party applications.
By implementing this, Brave can cater to both security-conscious users and those who require the functionality of deep links, without compromising on either aspect.
Blocking all app links breaks the OAuth 2.0 flow which is used by quite a number of apps out there. At least add a prompt setting (like FF) as default instead of setting this to default off.
This change also breaks mobile payment flows with iDeal, the most widely used payment method in the Netherlands (tested with ING bank and Rabobank).
The iDeal mobile payment flow normally works like this:
User selects iDeal as payment method on merchant website
User gets redirected to iDeal website where they select their bank (sometimes this choice is made on the merchant website already and this page is skipped)
User gets redirected to selected bank website where they can choose to pay with their banking app either:
“on this device”, or
“on another device”, which displays a QR code for the banking app on the other device to scan
If the user chooses “on this device”, the banking app opens and they complete the payment there
The banking app closes and the bank website redirects back to the merchant website, informing them that the payment succeed
With the recent change in Brave, step 4 is now broken. When the user taps the button to open the banking app, absolutely nothing happens and no feedback is given to the user.
Personally, I understand and largely agree with the rationale behind this change, but it seems to have had some fairly serious unintended side effects. As a user, I was very confused why I suddenly couldn’t open the banking app while attempting to pay for a purchase yesterday. I initially thought it was a problem with the banking app, so I cancelled the payment and tried again with my other bank but experienced the same issue there. I tried the usual steps, fully restarting the app, clearing cache and even rebooting my phone, but nothing helped. In the end I gave up and moved to my desktop PC to finish the purchase. When I tried today to call a store through their phone number displayed on Google and nothing happened when I tapped the number, I figured it must be a bug in Brave and found this topic after some searching.