iSu [V7.6][5.1+] Simple app to deactivate activate LineageOS SU at will

[RawMain]

PSD2 checks

Hello

Because of PSD2 (EU's Payments Services Directive) EU banking / payment apps now return KOs, although there is a full OK for passing the SafetyNET / Rootbeer test using iSU.

I'm attaching a sample configuration on LineageOS 15.1, that worked OK also for payment/banking apps before PSD2 new anti-tampering policies.

KO situation still there even after changing unknown status (?) props to safe (green) values & rebooting device. Same KO result also after hiding iSU app.

Therefore, such situation also happens for instance with Google Pay, which no longer allows contactless payments using cards, that were formerly registered / used OK.

I am collecting further information about new anti-tampering controls, in order to verify if/how we can re-allow payments. Meanwhile, I ask @fgl27 and other users if they have dealt with such situation and if they have found solutions/workarounds using LineageOS + iSU.

I can forward/post logs and/or further details if they can be helpful.
.

 

[fgl27]

Hello

Because of PSD2 (EU's Payments Services Directive) EU banking / payment apps now return KOs, although there is a full OK for passing the SafetyNET / Rootbeer test using iSU.

I'm attaching a sample configuration on LineageOS 15.1, that worked OK also for payment/banking apps before PSD2 new anti-tampering policies.

KO situation still there even after changing unknown status (?) props to safe (green) values & rebooting device. Same KO result also after hiding iSU app.

Therefore, such situation also happens for instance with Google Pay, which no longer allows contactless payments using cards, that were formerly registered / used OK.

I am collecting further information about new anti-tampering controls, in order to verify if/how we can re-allow payments. Meanwhile, I ask @fgl27 and other users if they have dealt with such situation and if they have found solutions/workarounds using LineageOS + iSU.

I can forward/post logs and/or further details if they can be helpful.
.

way the fail picture is a picture and not a screenshot of the same device that pass all test?

because for me seems that the device that pass is not the same of the last picture that fails.

I have no idea of what is as you didn't share anything that makes much sense starting on the odd images.

So share the link of the application that fails from play, if I can install I try it, if is something I can't test/try but you can let me know what it's the exact problem if that is something possible to fix from the app side I will.

and what I mean with "exact problem" is what is the exact thing that triggers that app to report a fail when others don't.

 

[RawMain]

PSD2

Hello & Thanks for your prompt reply

way the fail picture is a picture and not a screenshot of the same device that pass all test?

Picture (from Google Pay) and iSU + Rootbeer screenshots belong to same type of device (AMOI L861 running custom unofficial LineageOS 15.1 - Oreo 8.1).

I've posted the image of a test-device that is running build 20190908 and hasn't been updated, in order to show how now Google Pay is returning such root-advice with a credit card (Visa issued by DKB - Deutsche Kreditbank AG) that has been linked and verified by Visa OK for contact-less payment before September 10th (and everything was working OK until such date with Google Pay NFC contact-less payments).

Instead, when you proceed now / after Sep 14th with a clean install (full wipe + flash) of any build, then install Google Pay, you get immediate root-advice when trying to link EU issued credit cards in your Google account to Google Pay contact-less payment.


As I've written before, it's related to PSD2 - European Union Directive new anti-tampering controls, that are made during Verified by Visa and Mastercard Secure checks = even using iSU in hide mode + all green, there is a KO when trying to link and verify an EU credit card for contact-less payment

With stock/official firmwares that have been rooted, such PSD2 KO situations with Google Pay and other EU Banking Apps can be solved by hiding root and root-manager app & uninstalling those apps that require root to run (such as AdAway, Kernel Adiutor, etc.) . I'm attaching a screenshot about it (link is from a German Forum - XDA board doesn't allow to insert it).

Tried even same rooted-app-check/removal workaround with CyanogenMod 13.0 / LineageOS 15.1 + iSU 7.5 configurations (that were working OK with Google Pay contact-less link before PSD2 new checks), but until now nothing hasn't been successful.

-----------------------
EDIT 26/09/2019 : Done further investigation/checks. According to PSD2 policies there is also a double check (local and remote request/response) against getprop and apps/services list = when such check detects specific references (such as root-only-app package names or strings containing cyanogen or lineage) it triggers a tampering alert and returns KO.

Therefore, such PSD2 issues are NOT related to iSU, that is working right as usual in order to allow other SafetyNET / root checks.
-----------------------

 

[fgl27]

App update V 7.6

No need to update reboot support

Changelog
Download Link
XDA LABS update


Enjoy it :good:

 

[fgl27]

On latest changelog we have "Support for Android 10 even though there is no Lineage SU on Android 10 (check XDA thread to know way this is a thing)"

Even though Lineage kill SU on android 10 it still works, not as good as before and needs ROM modifications to work but it does.

So just in case any ROM developer has the same issue that I have (no SU support for the device) I made a workaround
https://github.com/fgl27/device_motorola_quark/commit/81fc811972ca75e00da180c434c4740b02b38be1

Using that commit and building SU from source one has SU back working, the setback is that this SU lacks the UI that allows to give SU access as it isn't present on Android 10, so this SU just gives access on request without any confirmation from the user.

As we have iSu one can just let SU disable and only enable when using a know ROOT app, that is how I do it.

Maybe someday a better SU option works on my devices as right now none does so I have this, if you have similar issue that is a solution to get Lineage SU back working on Android 10.