Conversation

Replying to and
Those apps are choosing to depend on Play Services and use SafetyNet attestation to verify that it's a certified release without tampering. The issue is ultimately apps choosing to do that not Google improving SafetyNet attestation to make it less trivial for attackers to bypass.
2
Replying to and
I don't use any of those apps, so I'm not sure why you expect me to do something about it. If the users of those apps want them to work without Play Services and on other operating systems, they should push for it. Same goes for apps implementing DRM with attestation features.
1
If apps insist on implementing DRM, they could whitelist other operating systems if they used the hardware-based attestation directly. They would get stronger assurance and portability. If users push for it and they decide to whitelist GrapheneOS, great, but I won't push for it.
1
I doubt that banks and financial services are going to stop using attestation. I expect users who want strong anti-cheat for games greatly outnumber those wanting the ability to run them elsewhere. In general, I'd just recommend avoiding those apps and pressuring app developers.
1