It does check for an unlocked bootloader. Using a kernel like ElementalX, Franco or Flash causes the check to pass.I've got Android Pay working with root and unlocked bootloader. I've had some time lately to play around with different configurations.
As far as I can tell from my tests CTS check is not related to unlocked bootloader but rather to decrypted system. I've had to leave encryption on after unlocking bootloader to pass SafetyNet check.
Android 7.1.1 Stock Dev Preview
ElemenatalX kernel (probably I'll switch to franco as it drains my battery pretty fast)
Magisk + Phh systemless root
After flashing a kernel update that only changes the bootloader check code does it work. So yea it's the bootloader unlock check.No, it is not kernel. I've checked same configuration just with decrypted phone and without root. With stock/elemental/franco kernels cts check was failing and with encrypted phone even on stock kernel it passed.
I've read and even checked kernel for this part of code but after tests it appears that it didn't work in my case.
An unlocked bootloader with the stock kernel without Magisk will not pass SafetyNet. With Magisk Hide, the new resetprop will hide the bootloader status.Since you are so sure it's kernel then explain that. I'm now on stock kernel from latest Android 7.1.1 dev preview using unlocked stock bootloader. Phone is rooted (systemless root installed from TWRP) and I can still pass SafetyNet check.
"Wersja Jadra" is "Kernel version"
I'm on HTC 10 Nougat 7.0
Has anyone managed to actually make a payment with safetynet green? I passed all checks on Pixel ROM with elementalX and rootswitch, was able to add my card, and the payment still failed. I'd really like to get off stock, but I just can't get Android Pay to work.
echo SYSTEMLESS=true>>/data/.supersu echo BINDSYSTEMXBIN=false>>/data/.supersu