I haven't been able to update my cellphone anonymously with Aurora since January. Every time I try, Aurora errors out with "Oops, you are rate limited".
This isn't the first time Google plays at making non-normies' lives difficult. So I tried the usual tricks, updated Aurora, tried the nightly build, waited, tried again... for months - to no avail: Google just won't play ball this time.
Last week, Signal stopped working and demanded to be updated. Fortunately, Signal offers the APK as a normal download without having to get it from the hateful Google Play store.
Today, my home banking identificator app did the same thing and stopped working. I needed to make a payment right now, and I had no way to update the app: "Oops, you are rate limited". And my bank sure doesn't offer the APK outside of anything but the goddamn Google Play store.
So I relented and created a Google account. Which of course entailed giving Google a phone number. I sure didn't give them mine, so I phoned a friend abroad who doesn't care to ask him to receive the verification SMS on his phone and read out the code to me. Which worked long enough to set up 2FA and do away with phone numbers altogether. And finally, after an hour of fucking around, annoying other people and compromising their phone number, I could update my banking app and make my payment at last.
All that because Google has decided they want to control my phone.
Fuck Google.
Seriously, how they are allowed to hold the Android world hostage like this without getting their monopolistic ass Sherman'ed AT&T-style, I'll never know. It's long overdue.
Another solution would be downloading the APK from APKMirror. I believe all their APKs signatures are checked against the proper Play Store releases or something like that (don't quote me on that), but the baseline is that all their APKs should be pretty safe.
As much as I hate Google and the Play Store, I trust it more than third party app stores. APKPure, Aptoide, APKMirror... They all sound a bit sketchy to me. Because if you think about it, there's absolutely no way to verify that the APK files they serve haven't been diddled with, since the Google Play store doesn't give a file hash that would enable me to verify the file's signature independently. Not to mention, their apps have a knack for displaying obnoxious advertisement at full screen and full volume.
And even if I did trust them, do you find this normal? Why is Google allowed to make me jump through hoops and compromise my security with impunity?
This comment about the app signature should apply to your situation too, you can't mess with an APK and then sign it with the Google Play keys.
APKMirror is the most trustworthy website there is for APKs out there, if you do some research you will see that the community consensus is it being pretty safe.
I do however understand your concern, especially when talking about banking apps. Honestly now that I think about it, for a banking app I'd rather make a burner Google Account as well. For less sensitive apps however, APKMirror is the best non Google way to get their APKs.
About the app, I have no idea, I only ever used the website (with uBlock).
Obviously it sucks that you need a Google account to access all these apps "properly" through the Play Store, for free apps they should really just let you download them without an account.