Open source · MIT · Android 13+
Bank OTPs, made usable.
Veles turns bank OTP notifications that ordinary messaging apps cannot present conveniently into clean, copy-ready codes, with the amount and merchant alongside them.
Bank messages come in many formats. Veles matches the templates stored on your phone, pulls out the one-time code, amount, and merchant, and re-posts them as one clean notification with a one-tap Copy button. Everything happens on your phone — nothing ever leaves it.
The problem
Your bank sent the code. Your messaging app still makes you hunt for it.
Banks use inconsistent OTP formats, and standard messaging apps do not always recognize them or make the code easy to copy. You squint, memorize six digits, switch back to the app you were paying in, and hope you remembered them right. If the notification collapses, you dig through the shade to find it again.
Before
“Your OTP is 674902 for payment of THB 1,250.00 to COFFEE HOUSE. Valid for 5 minutes. Do not share this code with anyone. Ref: 8842…”
After Veles
674902 · THB 1,250.00 → COFFEE HOUSE Copy
Veles extracts the three things that matter — the code, the amount, and who is charging you — cancels the noisy original, and posts a clean replacement. One tap copies the code to your clipboard. Paste, confirm, done.
Specialized alternatives may be paid, show ads, or ask you to trust software you cannot inspect. Veles closes that gap: it is free, has no ads, works offline, and publishes all of its source.
Banks are described by simple text-matching templates stored on your device. UOB Thailand works out of the box; you can add your own bank from the Templates screen and validate it instantly with the built-in Test screen — no coding, no waiting for a real bank SMS.
Info safety
Your codes never leave your phone.
An app that reads banking notifications has to be held to a higher standard. Veles is built so you don't have to trust promises — you can check every claim:
- No internet — enforced by Android, not by promise. Veles does not declare the internet permission in its manifest, so the operating system itself will refuse to let it open a network connection. Your notifications physically cannot be sent anywhere.
- Nothing is stored. Notification text is processed in memory and discarded. The only things saved on your device are your own bank templates, in a local database.
- No accounts, no tracking. No sign-up, no telemetry, no analytics, no crash reporting, no third-party SDKs.
- Open source and verifiable. The complete source code is public under the MIT license. Releases are built reproducibly — CI refuses to publish an APK it cannot rebuild bit-for-bit from the source you can read — and any release can be verified with one command:
gh attestation verify veles-X.Y.Z.apk --repo raidenyn/veles-android
Free forever
No ads. No payments. Not now, not ever.
Veles is free software: no advertisements, no in-app purchases, no subscriptions, no "pro" tier — and no plans to ever add any. An app that reads your banking notifications must have zero monetization pressure, so this isn't a launch promo, it's a design constraint. The MIT license guarantees the code stays free.
Android 15+
Why does Veles ask to pair with a Bluetooth device?
Starting with Android 15, the system redacts one-time codes out of notifications before any notification-listener app can read them. Instead of your bank's message, Veles receives only “Sensitive notification content hidden.”
Android makes one exception: companion-device apps — the mechanism smartwatches use to mirror your notifications. It is the only door Android leaves open, so Veles knocks on it: to be registered as a companion app, it must pair with a nearby Bluetooth device.
- Any Bluetooth device works — headphones, your car, a fitness band. The system dialog mentions a watch only because Veles has to request the "watch" companion profile; it's the only profile that carries the needed permission.
- Veles never talks to the paired device. The pairing is a formality Android requires. No data is sent to it, read from it, or associated with it.
- The grant is verified, not assumed. After pairing, Veles posts a hidden test notification with a random code through its own pipeline and checks whether it can read the text back. The setup card only disappears once access is confirmed to work.
On Android 14 and below none of this applies — Veles never shows the pairing step there. If pairing doesn't stick on your device, see the adb fallback below.
Fallback guide
Fallback: grant access with adb.
If companion pairing doesn't work on your device (some manufacturer builds keep redacting content even after the grant), you can give Veles the permission directly from a computer using adb. This targets only Veles — unlike disabling Enhanced notifications, it does not weaken protection for the rest of the device.
You'll need a computer with adb and USB or wireless debugging enabled on the phone.
-
Step 1 — OnePlus / OxygenOS only: disable system optimization.
OxygenOS blocks adb from changing per-app operations unless a developer override is on. In Settings → Additional settings → Developer options, find “Disable system optimization” (called “Disable permission monitoring” on older builds), turn it ON, and reboot. On other brands, skip this step.
-
Step 2 — grant the permission:
adb shell appops set me.nagaev.veles RECEIVE_SENSITIVE_NOTIFICATIONS allowIf adb complains about user profiles:
adb shell cmd appops set --user 0 me.nagaev.veles RECEIVE_SENSITIVE_NOTIFICATIONS allowVerify it saved:
adb shell appops get me.nagaev.veles RECEIVE_SENSITIVE_NOTIFICATIONSExpected output:
RECEIVE_SENSITIVE_NOTIFICATIONS: allow. Then tap Check now on the card in Veles. -
Step 3 — optional:
Turn “Disable system optimization” back OFF; the granted permission persists.
When you'd need to redo this: after a full uninstall + reinstall (updates in place are fine), and occasionally after major OS updates.