• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[How To] Bypass Lloyds and Santander Root Detection

Search This thread

mrsweet1991

Senior Member
Oct 1, 2014
147
54
Hi All,

I've seen mention of Santander but not of Lloyds bypassing the root detection. After much trial and error it's quite simple and my method will bypass both Santander and Lloyds. If bypassing Santander just do the same for the Santander app as ive said to do with Lloyds.

<--Update 08/06/19-->

Having flashed a new rom and following my steps again I received the detection message again but was resolved by using the Canary build of Magisk Manager.

To get Magisk Manager Canary click the link below:

https://github.com/topjohnwu/magisk_...pp-release.apk

Once installed, open Magisk Manager and go to

settings > Update Channel > Canary

Go back to Magisk home screen and swipe down to check for updates, you'll receive an update for the canary build. Once you update follow the guides original steps below.

<--End of update-->

In Magisk Manager Settings:
Enable Magisk Hide
Enable Sytemless Host
And if the option is available select "Hide Magisk"

In Adaway:

Download my exported blacklist from:

https://drive.google.com/file/d/1xCBB4iVA65gJTTYqbhU1qTlghVYyAL1S/view?usp=drivesdk

Then in adaway click the 3 dots in the top right to open the menu, select "Your Lists" then press the menu button again in the top right and press "Import all lists" and select the file you downloaded.

With the urls added go back to the adaway main screen and press "Download Files and Apply ad blocking" and Reboot device. If "Download Files and Apply Ad Blocking" doesn't appear, click "check for updates" and then download them which will do the same thing.

Once your phone has restarted install the Lloyds Banking app but don't open it. Go into Magisk Manager and select Magisk Hide from the menu and tick the Lloyds Banking app. Reboot phone and Lloyds should work perfectly!

I managed to do this from researching other threads and adding my own bits in so credit due elsewhere as well, as usual you can follow this guide but do so at your own risk, i take no responsibility :D
 
Last edited:

steve51184

Senior Member
Dec 26, 2013
452
86
This should also work for Halifax and TSB but with a different URL nice work but what happens if they fix this? No banking app again....

Also do you know how to get past Natwest?
 
  • Like
Reactions: DaystromLIVR

mrsweet1991

Senior Member
Oct 1, 2014
147
54
Hi Steve,

This is the first time ive noticed an application that has gone to greater lengths and was relatively easy to bypass. Given how long it took to come up with this technique of connecting to a url to blacklist your device i cant see them coming up with something new anytime soon.

All that is required to bypass this new technique is to log dns requests in Adaway and with the listed urls the app connected to for the login you simply block the urls and leave 1 out. Take for example Lloyds used 3 urls, i blocked two leaving only one allowed but Lloyds couldnt connect so that url was genuinely used to login, i then knew to allow that url and focus on the other two finally figuring out it was that url i listed that was being used to connect and block my device. With the app unalee to connect to that url it cannot verify if my device is blacklisted. Its time consuming as you need to restart after each new url you blacklist but its simple to do.
 

Muresan01

Senior Member
Mar 24, 2015
84
18
Hi All,

I've seen mention of Santander but not of Lloyds bypassing the root detection. After much trial and error it's quite simple and my method will bypass both Santander and Lloyds. If bypassing Santander just do the same for the Santander app as ive said to do with Lloyds.

First go into the Lloyds app info (hold on Lloyds App icon and select "App Info") or you can do the same by going to "Settings > Apps > Lloyds Bank" and then select "Storage" and press "Clear Data". With all the stored information removed uninstall the Lloyds Banking app completely and reboot your device.

In Magisk Manager Settings:
Enable Magisk Hide
Enable Sytemless Host
And if the option is available select "Hide Magisk"

In Adaway:

Download my exported blacklist from:

https://drive.google.com/file/d/1xCBB4iVA65gJTTYqbhU1qTlghVYyAL1S/view?usp=drivesdk

Then in adaway click the 3 dots in the top right to open the menu, select "Your Lists" then press the menu button again in the top right and press "Import all lists" and select the file you downloaded.

With the urls added go back to the adaway main screen and press "Download Files and Apply ad blocking" and Reboot device.

Once your phone has restarted install the Lloyds Banking app but don't open it. Go into Magisk Manager and select Magisk Hide from the menu and tick the Lloyds Banking app. Reboot phone and Lloyds should work perfectly!

I managed to do this from researching other threads and adding my own bits in so credit due elsewhere as well, as usual you can follow this guide but do so at your own risk, i take no responsibility :D

Works perfectly
Thank you !
 

haybill

Senior Member
Apr 13, 2012
2,021
780
Somewhere in Europe
Sent from my SM-N910F using Tapatalk

Sorry, removed my post-- found both XDA source and FDroid source for Adaway, doh!!
Just want to say Thanks for putting this together, there are several Threads giving info but this one has got it all in an easy to use format.

Sent from my SM-N910F using Tapatalk
And, finally, after about a month of failing to access my Bank account--- success, after following all the necessary actions, I can now once again use Online Banking via the App.
Let's hope they don't make further changes that mean we can't, in the future.
 
Last edited:

spwyatt

Member
Nov 2, 2007
13
0
Sadly it doesn't work for me.

Santander app on Oneplus 5T.

Get the solid red screen for a second or so then "Santander UK has stopped"

Is this what usually happens if the app detects root?

Cheers!
 

kf06925

Member
Feb 10, 2013
21
8
Dublin
Sadly it doesn't work for me.

Santander app on Oneplus 5T.

Get the solid red screen for a second or so then "Santander UK has stopped"

Is this what usually happens if the app detects root?

Cheers!
I'd expect the app to tell you that you have a rooted phone instead of crashing. I'd try clearing data again, then removing the app completely and making your you followed the instructions fully.
If you haven't Magisk 17.1 then getting this together with the latest stable manager is also recommended. For a weird reason 16.4 has issues for me after some ROM update and wouldn't pass the Safetynet check any longer (even after complete removal and magisk reinstall). However, 17.1 somehow fixed it for me.

While I'm no fully sure about Santander, uninstalling and reinstalling the app also was essential for Lloyds on my phone (just clearing data and adding + applying the blacklist still showed the rooted message).
Good luck,
 

Lewis

New member
Sep 10, 2018
3
0
Kent
This thread is amazing, good work OP!

I am having an issue unfortunately when it comes to selecting the downloaded item. I'm unable to select the file from my Downloads, slight grey hue and long holding tap does nothing. (I'm trying to import)

I've checked and in the Downloads manager the file definitely exists, I just can't seem to apply it.

Any ideas?

EDIT: I solved the issue by granting Adaway storage permissions and importing the file from my Google Drive.
 
Last edited:

Top Liked Posts

  • There are no posts matching your filters.
  • 24
    Hi All,

    I've seen mention of Santander but not of Lloyds bypassing the root detection. After much trial and error it's quite simple and my method will bypass both Santander and Lloyds. If bypassing Santander just do the same for the Santander app as ive said to do with Lloyds.

    <--Update 08/06/19-->

    Having flashed a new rom and following my steps again I received the detection message again but was resolved by using the Canary build of Magisk Manager.

    To get Magisk Manager Canary click the link below:

    https://github.com/topjohnwu/magisk_...pp-release.apk

    Once installed, open Magisk Manager and go to

    settings > Update Channel > Canary

    Go back to Magisk home screen and swipe down to check for updates, you'll receive an update for the canary build. Once you update follow the guides original steps below.

    <--End of update-->

    In Magisk Manager Settings:
    Enable Magisk Hide
    Enable Sytemless Host
    And if the option is available select "Hide Magisk"

    In Adaway:

    Download my exported blacklist from:

    https://drive.google.com/file/d/1xCBB4iVA65gJTTYqbhU1qTlghVYyAL1S/view?usp=drivesdk

    Then in adaway click the 3 dots in the top right to open the menu, select "Your Lists" then press the menu button again in the top right and press "Import all lists" and select the file you downloaded.

    With the urls added go back to the adaway main screen and press "Download Files and Apply ad blocking" and Reboot device. If "Download Files and Apply Ad Blocking" doesn't appear, click "check for updates" and then download them which will do the same thing.

    Once your phone has restarted install the Lloyds Banking app but don't open it. Go into Magisk Manager and select Magisk Hide from the menu and tick the Lloyds Banking app. Reboot phone and Lloyds should work perfectly!

    I managed to do this from researching other threads and adding my own bits in so credit due elsewhere as well, as usual you can follow this guide but do so at your own risk, i take no responsibility :D
    5
    I think we should start leaving bad reviews on the play store for apps that go to extreme lengths to detect root/custom recovery, especially in the case of apps that treat you like a criminal just for having a custom recovery, when you aren't even rooted.
    If an app still detects that you've been "jailbroken" (eugh) when you've tried everything possible to hide it, then whatever it's doing in your file system is extremely intrusive, and that's a good enough reason to try and knock a star off their review score if you ask me.
    Apologies if this is off topic, but it's really pissing me off that so many app developers treat people like criminals just for wanting to have full control of our own devices, or to get a bit more life out of phones that would otherwise succumb to planned obsolescence when the official firmware updates dry up. Screw these guys.
    4
    This app (Santander UK) is using Isolated Process and a scan of your installed apps to detect root.

    Just use latest Magisk Canary + Repack of Manager + Riru Core v. 23.9 + Unshare Module (to enable Magisk Hide for Isolated Process) and this app will work perfectly with root. I tested on my device. (Mi 9T Pro + MIUI 12.5 - A11)

    Riru Core v. 23.9 can be downloaded from Magisk Repo.

    Download Riru Unshare Module from the link below:


    Enable Magisk Hide for the app and its processes (uk.co.santander.santanderUK and uk.co.santander.santanderUK : oa.UB)

    If the app FC right after starting you need to search for a possible installed app triggering the detection or simple revoke the permission "Get info about installed apps" at app settings (this can differ from device to device)

    After every update of the app the Isolated Process name can be different so just re-add it to Magisk Hide again and everything should be fine.

    More info about the exploit (Isolated Process) used by a large numbers of banks to detect Magisk:

    3
    Storage Isolation (storage redirect) app from playstore also works for Santander (maybe others too?) without using island app.
    Trial version (redirect for up to 3 apps) in basic mode enabled for Santander app (plus magisk hide) worked for me.
    3
    I have had success accessing Santander UK on a OnePlus 8 Pro rooted with Magisk. I've uploaded a video to show my settings and Magisk modules and although there are more modules installed now, I had success with just Riru and Riru-MomoHider installed. I'll include the steps I went through underneath as well, I don't know if only some of the steps are neccessary but this the combination of things that seemed to work for me. Hopefully, this helps some of you get Santander working!


    1. Install latest (23.0) stable build of Magisk
    2. Enable Magisk Hide and add the Santander app to the list
    3. Hide the Magisk app
    4. Install Riru module
    5. Install Riru-MomoHider module (https://github.com/canyie/Riru-MomoHider ) - put zip file on phone and install module locally in Magisk)
    6. Using a file explorer with root access go to \data\adb\modules\riru_momohider\config - create 4 files with the following names:
    initrc
    isolated
    app_zygote_magic
    setns
    7. Install Airfrozen from Google Play Store
    8. Add renamed Magisk in Airfrozen. Once added, long-press the icon and freeze app.
    9. You should now have access to Santander app (if it does not work long-press, go to App Info and delete cache and data.
    -Optional-
    10. Once finished, add Santander app to list in Airfrozen and freeze Santander before thawing Magisk. This stops you needing to delete info and cache and having to login again on the app next time you wish to use. When you want to use Santander, freeze Magisk first and then thaw Santander.