[Discussion] Google Pay Magisk Discussion Thread

Search This thread
By:
Advanced…
Fishawy

Fishawy

Senior Member
Mar 26, 2010
3,363
664
Melbourne
OnePlus 9 Pro
Google Pixel 7 Pro
tangcla said:
Where do I get the mod 3.0 version from?
And should I be using 2.3.1 mod 3 from Displax or 2.4.0 from kdrag0n? It stopped working for me recently.
Click to expand...
Click to collapse
forum.xda-developers.com

[MODULE] [MOD] Universal SafetyNet Fix

Universal SafetyNet Fix [MOD] Magisk module Hello. This is my modification [FORK] of the original Universal SafetyNet Fix module from @kdrag0n. Created for the (temporary?) restoration of working capacity in the conditions of constant change...
forum.xda-developers.com forum.xda-developers.com
 
  • Like
Reactions: rodken, pndwal and tangcla
tangcla

tangcla

Senior Member
Sep 10, 2008
2,519
363
Melbourne, Australia
www.tangcla.com
Google Pixel 5
Samsung Galaxy Watch 4
  • Like
Reactions: Fishawy
Q

qetuol

Senior Member
Oct 16, 2010
132
11
Just a quick update for you guys. The "Enforce Denylist" option must be turned OFF, otherwise gpay won't work. I tried and tested this. Don't worry if you don't pass device integrity, as long as you have a checkmark for "your phone meets security requirements" you are good to go (see image).
Screenshot_2023-03-03-15-31-52-292_com.google.android.gms.jpg
 
  • Like
Reactions: wtosta
rodken

rodken

Senior Member
Jan 11, 2010
1,644
721
qetuol said:
Just a quick update for you guys. The "Enforce Denylist" option must be turned OFF, otherwise gpay won't work. I tried and tested this. Don't worry if you don't pass device integrity, as long as you have a checkmark for "your phone meets security requirements" you are good to go (see image).
Click to expand...
Click to collapse
I beg to differ.
-- Most if not all OnePlus devices can have Enforce Denylist enabled and still have GPay functional.
 
Virnik0

Virnik0

Senior Member
Sep 14, 2010
1,953
438
Prague
blog.nutcracker.cz
This is so weird. I have Galaxy S22 and Galaxy S20+, both with latest stock firmware + Magisk 25.2, I have all google apps in DenyList. Also, the ROM is heavily modified: I disable almost all Samsung Apps (except for system-critical). SafetyNetFix of latest Git-downloaded version installed, TWRP also of latest available (corsicanu's build). Everything works, but Google Wallet sometimes throws a pop-up warning about root. I usually kill the app, wipe it's cache, start it again and I can again pay without problem. Also, no matter what, contact-less payment have all checks green, despite prior toast warning. Reboot also fixes the issue (making payments possible again, in cases where cache wipe or app-kill won't work).
 
Fishawy

Fishawy

Senior Member
Mar 26, 2010
3,363
664
Melbourne
OnePlus 9 Pro
Google Pixel 7 Pro
Virnik0 said:
This is so weird. I have Galaxy S22 and Galaxy S20+, both with latest stock firmware + Magisk 25.2, I have all google apps in DenyList. Also, the ROM is heavily modified: I disable almost all Samsung Apps (except for system-critical). SafetyNetFix of latest Git-downloaded version installed, TWRP also of latest available (corsicanu's build). Everything works, but Google Wallet sometimes throws a pop-up warning about root. I usually kill the app, wipe it's cache, start it again and I can again pay without problem. Also, no matter what, contact-less payment have all checks green, despite prior toast warning. Reboot also fixes the issue (making payments possible again, in cases where cache wipe or app-kill won't work).
Click to expand...
Click to collapse
If you're using the original Universal SafetyNet Fix by kdrag0n, you might wanna switch to the Displax fork linked a couple of posts above and test.

Hope this helps.
 
  • Like
Reactions: Virnik0 and pndwal
DineshValor

DineshValor

Senior Member
Jan 29, 2022
51
17
varunpilankar said:
I'm using rooted android 10 with Safetynet Pass & Play Store -Certified, but I'm still not able to activate tap to pay on Paytm app.


It's gives me a error - "This functionality is not available due to security concerns with your device."

How can I fix it?
Click to expand...
Click to collapse
Requirements:-
- Magisk v25.2
- LSPosed v1.8.6
- PrivacySpace v1.3.7 (LSPosed module app)
- Enable Zygisk (Enforce DenyList - Disabled) under Magisk (+ download some Magisk module as shown in screenshot¹)
Screenshot_2023-03-18-17-10-02-79_9d1fb82a3633e78ac9c37e5a64e38237.jpg

Follow below steps to fix "This functionality is not available due to security concerns with your device" in Paytm (Tap to Tay):-
1. Download frest original Paytm app or clear data & force stop.
2. Open PrivacySpace app/module under LSPosed.
3. Hidden Apps > select Paytm (+ all other modules such as Lucky Patcher, etc as show in screenshot²).
Screenshot_2023-03-18-17-20-27-10_30686f06bc9783668a8afa418b45660d.jpg
4. Blacklist > select Paytm.
Note: If u want to recieve Paytm app update in Play Store then select Play Store in "Connected with Others" to unhide Paytm app for Play Store.
Screenshot_2023-03-18-17-27-19-47_30686f06bc9783668a8afa418b45660d.jpg
5. All Set, Try your Luck Now, and do not forget to let me know if it's work for you too.
 
Last edited:
  • Like
Reactions: beeshyams and pndwal
varunpilankar

varunpilankar

Senior Member
Jul 8, 2012
258
67
Sony Xperia SP
Moto X
DineshValor said:
Requirements:-
- Magisk v25.2
- LSPosed v1.8.6
- PrivacySpace v1.3.7 (LSPosed module app)
- Enable Zygisk (Enforce DenyList - Disabled) under Magisk (+ download some Magisk module as shown in screenshot¹)
View attachment 5865833

Follow below steps to fix "This functionality is not available due to security concerns with your device" in Paytm (Tap to Tay):-
1. Download frest original Paytm app or clear data & force stop.
2. Open PrivacySpace app/module under LSPosed.
3. Hidden Apps > select Paytm (+ all other modules such as Lucky Patcher, etc as show in screenshot²).
View attachment 5865841
4. Blacklist > select Paytm.
Note: If u want to get Paytm app update in Play Store then select Play Store in "Connected with Others" to unhide Paytm app from Play Store.
View attachment 5865845
5. All Set, Try your Luck Now, and do not forget to let me know if it's work for you too.
Click to expand...
Click to collapse


I was still using hide my Applist xposed module.. How is PrivacySpace different from it?
 
DineshValor

DineshValor

Senior Member
Jan 29, 2022
51
17
varunpilankar said:
I'm guessing it's the same..right?

So far able to get the Paytm app to work but when ever I trying to register the card for tap to pay, it fails.

It was not the case in the past.. Happening from recent app update onwards.
Click to expand...
Click to collapse
I'm the victim with same issue few weeks ago and try to found solution on google but didn't found rather than your post in Magisk thread,
and later one day try to solve the issue by own and actually worked for me, & successfully rid out of Paytm "Tap to Pay" issue "This functionality... on your device!" warning message.
 
varunpilankar

varunpilankar

Senior Member
Jul 8, 2012
258
67
Sony Xperia SP
Moto X
DineshValor said:
I'm the victim with same issue few weeks ago and try to found solution on google but didn't found rather than your post in Magisk thread,
and later one day try to solve the issue by own and actually worked for me, & successfully rid out of Paytm "Tap to Pay" issue "This functionality... on your device!" warning message.
Click to expand...
Click to collapse

Let me try it again using HMA in this week.. Will get back to you.
 
DineshValor

DineshValor

Senior Member
Jan 29, 2022
51
17
varunpilankar said:
@DineshValor doesn't work with HMA, my card is still showing pending to be added.

Any good brief guide to replace HMA with PrivacySpace?
Click to expand...
Click to collapse

varunpilankar said:
If u wise to keep using HMA, there is no need to move on PrivacySpace, u can try it on another hand, if it's sork with your paytm issue then thinks once again to migrate from HMA to PrivacySpace. Everyone have there own right to choice/decision. 😇
Click to expand...
Click to collapse

Additionally, u can use Google Pay, I'm personally using GPay just for NFC payment and it's feel better than Paytm "Tap to Pay" + support more bank debit/credit card.
 
P

pndwal

Senior Member
Jun 23, 2016
6,334
7,129
Sydney
Redmi Note 8
Xiaomi Redmi Note 8 (2021)
varunpilankar said:
I don't prefer G Pay for anything.. Will like to stick with Paytm and try to work on fixing tap to pay
Click to expand...
Click to collapse
I see you said you pass SafetyNet... But of course that's deprecated; most banks have migrated to new Play Integrity API now... Are you passing PI deviceIntegrity?...If not official Universal SafetyNet Fix will likely not help as it currently has issues... You'll need @Displax's up-to-date fork with fixes...

Also, did you install Shamiko for proper root hiding as suggested more than once above?

🤠 PW
 
  • Like
Reactions: DineshValor
m0han

m0han

Senior Member
Apr 30, 2012
5,567
2,675
Does anyone happen to know why GPay 'Check bank balance' is not working? When I tap on the account on the 'Select account' screen, a line flashes above and disappears. Nothing else happens. Hope this is not OT here.
 

Attachments

  • SS_20230325_114521.jpg
    SS_20230325_114521.jpg
    79.6 KB · Views: 37
DineshValor

DineshValor

Senior Member
Jan 29, 2022
51
17
m0han said:
Does anyone happen to know why GPay 'Check bank balance' is not working? When I tap on the account on the 'Select account' screen, a line flashes above and disappears. Nothing else happens. Hope this is not OT here.
Click to expand...
Click to collapse
I'm using same version GPay and didn't face such issue, probably it's your device app bug or something in your device. There no traces related magisk. Kindly confirm your side.
 
  • Like
Reactions: m0han
You must log in or register to reply here.

Similar threads

T
  • Sticky
Magisk General Support / Discussion
Replies
56K
Views
6M
zgfg
zgfg
T
  • Locked
  • Sticky
Magisk - The Magic Mask for Android
Replies
56
Views
6M
T
topjohnwu
T
  • Locked
[CLOSED][BETA][2018.7.19] Magisk v16.7 (1671)
Replies
7K
Views
3M
T
topjohnwu
Heisenberg
[Discussion] PokeMon Go Magisk Discussion Thread
Replies
5K
Views
636K
djkrish5610
djkrish5610
Didgeridoohan
  • Sticky
[MODULE] [DEPRECATED] MagiskHide Props Config - SafetyNet, prop edits, and more - v6.1.2
Replies
7K
Views
1M
M
matrix200200

Top Liked Posts

24 Hours 30 Days All time
  • There are no posts matching your filters.
  • 4
    P
    pndwal
    wtosta said:
    Thanks to pndwal's suggestions, I confirm what rogerinnyc wrote above. On my S10e I'm using Ambassadii ROM 5.6 and Magisk 26.1 the Zygisk option is enabled. I set denials for GPay/Wallet, Google Play Services, banking applications and the Allegro application (a popular shopping platform in Poland, something like eBay). Also, I have the safetynet-fix-v2.4.0-MOD_1.2 module installed in Magisk. Without the Shamiko module installed in Magisk and without Enforce Deny List enabled, a strange thing happens. Namely, the GPay/Wallet application worked, but the banking applications detected the root.
    Click to expand...
    Click to collapse
    I believe GPay/Wallet would usually fail after some time unless you still pass Play Integrity deviceIntegrity verdict because ROM integrates SNF or it's own spoofs for this...

    It's not surprising bank apps fail without denylist (they actively search for root) / Shamiko (proper hiding for traces of Zygisk etc)...
    wtosta said:
    When Enforce Deny List was enabled, banking applications did not detect the root, but GPay/Wallet stopped working and showed that the device does not comply with security rules. Only the installation of the Shamiko module with the DISABLED Enforce Deny List in Magisk solved the problem. Both GPay/Wallet works and other banking apps don't see root. I did not tested removal of safetynet-fix-v2.4.0-MOD_1.2 module and leaving Shamiko module alone anymore. But my current combination of modules works for me. Thank you, Dear Friends, once more for your hints.
    Click to expand...
    Click to collapse
    Having Play Services, specifically the droid guard/attestation process com.google.android.gms.unstable in active denylist breaks Zygisk based USNF builds (note, it will remove these from denylist on next boot for this reason) because DenyList reverts/prevents Magisk modifications in listed processes unlike old MagishHide. (It's really now a development tool, not a hiding tool.) In this case USNF injects code in gms to register a fake keystore to cause the fallback to basic attestation that's it's key function, so we can't hide root front gms using Denylist... Shamiko on the other hand is a proper hiding module and simply uses denylist (for convenience) as a hidelist, so it doesn't break USNF in this case...

    Zy-USNF builds hide root from gsm processes itself, so they shouldn't be added in denylist anyway... This should be done to pass device integrity verdicts if you use pre-Android 8, devices with broken keymaster implementations or revoked keys, or when ROM integrates it's own SNF/spoofing, and USNF is not used/needed but never with Zy-USNF.

    GPay/Wallet needs passing PI deviceIntegrity and you need to check this is passing with a Play Integrity checker app... You'll see this fail as soon as denylist is enforced...

    Bank apps on the other hand often employ their own checks for traces of root and some don't check deviceIntegrity. Some only check deviceIntegrity and some do both...

    Hope it helps your understanding of this.

    🤠 PW
    View
    3
    R
    rogerinnyc
    Just adding my experience to this thread, FWIW. On a OnePlus 9 Pro, rooted, Android 13 stock, and using the official Magisk 26.1. All I have installed is Shamiko 0.7 -- no Universal Safety Net Fix, no MagiskHide Props Config. In Magisk settings, Zygisk is enabled (as is required by Shamiko), but not Enforce Deny List. My Configure DenyList includes Google Wallet and Google Play Store, but not Google Play Services. With that configuration, Google Wallet has been working consistently. I can't speak to the various banking apps -- but I use Chase with this configuration (but the setup to get it working is not straight-forward, involving using an older apk version initially, and functionality for secure messages doesn't always work).

    I did have a problem with opening Wallet after a reboot and getting a pop up warning that your device does not meet security requirements, but I could simply dismiss that and Wallet would still work (and "tap to pay setup" would show "Your phone meets security requirements" still). I think that may have been Magisk taking some time to load. I've gone into Battery settings for Magisk and enabled it both to run in the background and to autolaunch and that issue hasn't (yet) re-occurred.

    Interestingly, with this configuration, using YASNAC (Yet Another SafetyNet Attestation Checker), my device would fail both Basic Integrity and CTS Profile Match, even with Google Wallet working. Once I added Universal Safety Net Fix 2.4, YASNAC would pass my device. So far, no ill effects from having both Shamiko and USNF installed and running. But Shamiko alone was sufficient for Google Wallet purposes.

    YMMV.

    P.S. I should add that once you have the Magisk/Module set up you want, you should clear cache (and, I believe but am not certain it's needed, data) for Google Play Store and Google Play Services and and Google Wallet and reboot.
    View
    3
    wtosta
    wtosta
    Thanks to pndwal's suggestions, I confirm what rogerinnyc wrote above. On my S10e I'm using Ambassadii ROM 5.6 and Magisk 26.1 the Zygisk option is enabled. I set denials for GPay/Wallet, Google Play Services, banking applications and the Allegro application (a popular shopping platform in Poland, something like eBay). Also, I have the safetynet-fix-v2.4.0-MOD_1.2 module installed in Magisk. Without the Shamiko module installed in Magisk and without Enforce Deny List enabled, a strange thing happens. Namely, the GPay/Wallet application worked, but the banking applications detected the root. When Enforce Deny List was enabled, banking applications did not detect the root, but GPay/Wallet stopped working and showed that the device does not comply with security rules. Only the installation of the Shamiko module with the DISABLED Enforce Deny List in Magisk solved the problem. Both GPay/Wallet works and other banking apps don't see root. I did not tested removal of safetynet-fix-v2.4.0-MOD_1.2 module and leaving Shamiko module alone anymore. But my current combination of modules works for me. Thank you, Dear Friends, once more for your hints.
    View
    3
    wtosta
    wtosta
    pndwal said:
    GPay/Wallet needs passing PI deviceIntegrity and you need to check this is passing with a Play Integrity checker app... You'll see this fail as soon as denylist is enforced...
    Click to expand...
    Click to collapse
    It happens exactly as you said. So denylist enforcement in Magisk should be disabled. Shamiko module properly hides the root for all the rest bankig/shopping apps :)
    View
    2
    C
    cridus
    zgfg said:
    You have updated USNF from this thread or the newer/better/modded version from another thread (please don't ask which thread - every second post is about, just scroll back, where, why, etc)
    Click to expand...
    Click to collapse

    I didn't know there were two different variants. I got it from kdrag0n's github. is there a new better one?
    (I'll take a look in the meantime)

    edit: it worked, omg thank you so much.

    here's the thread with the other, working version of USNF, for convenience for anyone bumping into this post:

    [MODULE] [MOD] Universal SafetyNet Fix

    Universal SafetyNet Fix [MOD] Magisk module...
    forum.xda-developers.com forum.xda-developers.com
    View
  • 62
    JarlPenguin
    JarlPenguin
    The new Google Play services update caused this.

    Temporary workaround:

    1. Disable Google Pay/Find My Device as Device Administrators in Settings > Security & location > Device Administrators.

    2. Search "Google Play services" in the Settings search bar.

    3. Press the three dots and press "Uninstall previous updates".

    4. Download this update - https://www.apkmirror.com/apk/google-inc/google-play-services/google-play-services-14-7-99-release/
    Pick your needed edition (arm or arm64, etc.), download it and install it.

    5. Disable Background data access for Google Play Services and Google Play in their respective App Info pages.

    6. Download Google Pay from the Play Store.

    7. Set up your cards. Enjoy!

    Never EVER update Google Play services manually, until a Magisk update is available that bypasses the upgraded SafetyNet. Note that Google Play services is responsible for adding/verifying the card, not the Google Pay app! Hence why there seems to be an overlay when adding a card/verifying an existing one.

    Tested Google Pay versions:

    2.79.x-2.83.235070858 - working

    Tested Google Play services versions:

    14.7.99, 16.0.86 - working with Magisk 18.1

    14.8.49-16.x- working with Magisk 18.2 Canary
    View
    32
    Didgeridoohan
    Didgeridoohan
    This thread is inspired by the PoGo Magisk discussion thread. It's meant to keep the clutter of "Google Pay doesn't work" posts out of the main Magisk threads.

    Please use this to discuss issues with Google Pay and possible solutions.

    There's a working solution here:
    https://forum.xda-developers.com/t/magisk-module-universal-safetynet-fix-2-3-1.4217823/post-87198517


    For general tips on first getting SafetyNet to pass fully, check here:
    https://www.didgeridoohan.com/magisk/MagiskHide#hn_SafetyNet
    View
    29
    B
    BostonDan
    Ok. I tried this and it worked on gms 17.1.22, allowing one to add cards and pay in store. Warning YMMV, but this is the process I did to get this working. One caveat is that Google pay does not register the "recent transactions" on the Google pay app. Another caveat is that I suspect users will have to reverse some step if gms is updated and then reapply, but this still needs to be confirmed

    Without further ado, here is my process:

    1) download a SQL database editor. I used

    https://play.google.com/store/apps/details?id=com.tomminosoftware.sqliteeditor&hl=en_US

    2) download a terminal emulator program. I used terminus but any terminal emulator should work.

    3) make sure Google pay is forced close, if it is open.

    4) open SQL editor. Navigate to /data/data/com.google.android.gms/databases

    5) open dg.db

    6) change any value that lists "attest" in the name (first column) to 0 in the third column. Mine was showing a value of 10 in the third column for each of these values. (Column c for sqlite databse editor I used)

    7) open the terminal emulator.

    8) get root access (su)

    9) cd /data/data/com.google.android.gms/databases

    10) type: chmod 440 dg.db
    This makes dg.db read only (for owner and group, and no access for world.)

    11) reboot

    I suspect when gms is updated, one will have to go back to steps 10 and 11 and chmod 660 dg.db to allow new keys to be written to the database, and then go back and redo all these steps to reset the attestation values back to 0.

    If there is still an error, verify in sqlite database editor that all attest release keys values in dg.db are 0 when dg.db is read only (owner and group).

    Again, YMMV but this worked for me, so I give it back to the community now.

    Edit: recent activities did show up soon afterwards for the payment method.

    Cheers,
    B.D.
    View
    28
    1nikolas
    1nikolas
    The app is finally public! (thanks Google for taking a week to approve this 🤦)
    I made it beta testing since I haven't tested it on much devices. If you find any problem, please open an issue here and I'll take a look at them once I return from vacation.

    Play Integrity API Checker - Apps on Google Play

    Get info about your Device Integrity through...
    play.google.com play.google.com

    Source code:

    GitHub - 1nikolas/play-integrity-checker-app: Get info about your Device Integrity through the Play Intergrity API

    Get info about your Device Integrity through...
    github.com github.com

    GitHub - 1nikolas/play-integrity-checker-server: Node-js server for the Play Inegrity API Checker app

    Node-js server for the Play Inegrity API...
    github.com github.com

    If you are curious, the possible outcomes I've seen are:
    • 3 ticks (unrooted samsung)
    • tick/tick/x (unrooted redmi note 4 with unlocked bootloader)
    • x/tick/x (my rooted a11 op7t)
    View
    23
    1nikolas
    1nikolas
    UPDATE 1/8/2022
    This app is officially discontinued in favor of a new app I published on Play Store. Read more here:

    [Discussion] Google Pay Magisk Discussion Thread

    This thread is inspired by the PoGo Magisk...
    forum.xda-developers.com forum.xda-developers.com

    ====================
    ORIGINAL MESSAGE:

    I just made this simple app which tells you if your device passes the new Play Integrity API (which is presumably what Google Pay and Play Store use to detect root now). If you don't trust random apks from the internet feel free not to use this. I'll upload the source code at a later time since it's very junk now (probably on github).
    You can use it to play around and see if you manage to get it to pass without having to mess with Google Pay. There are screenshots of the 2 possible outputs (pass screenshot is from an online emulator).
    Also I didn't test it much since I don't have many devices that can pass. Hope it works fine 🤞

    Hope this helps someone find a solution :)

    EDIT:
    Here is a quote from Google of what exactly "Does not meet device integrity" mean:
    The app is running on a device that has signs of attack (such as API hooking) or system compromise (such as being rooted), or the app is not running on a physical device (such as an emulator that does not pass Google Play integrity checks).
    ...
    If you are having problems with your testing device meeting device integrity, make sure the factory ROM is installed (for example, by resetting the device) and that the bootloader is locked.
    Click to expand...
    Click to collapse
    View

New posts