TL;DR
- Efforts like Graphene OS face increasing pressure from apps that refuse to run on non-standard Android.
- The custom ROM project characterizes Google’s approach to device attestation as incomplete and flawed.
- Graphene OS is prepared to take legal action if Google won’t let it pass Play Integrity checks.
Thankfully there are FOSS alternatives for apps like Authy. I recommend Aegis
For your banking app, you can use this list to check if it’s compatible: https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/
Using the web app might also be an option.