No, the mechanism on which Play Integrity relies on for
STRONG_INTEGRITY
was implemented in Android 8.0, and uses Hardware Key Attestation as well as the Trusted Execution Environment to certify that operations performed on the device can be trusted.
More information here. The "turning point" is with app developers - some developers, such as Google, are implementing support for Play Integrity in their apps
alongside the legacy SafetyNet API. There will likely come a time when they end support for SafetyNet, meaning applications that rely exclusively on Play Integrity will not work on modified/rooted devices, devices with broken keystores, or devices running Android versions older than 8.0.
Put simply, the reason why the modded SafetyNet module works is because it essentially "forces" applications to use the SafetyNet API by making the device appear as though Play Integrity isn't available. At some point, however, when app developers remove legacy support for SafetyNet and move exclusively to Play Integrity, those apps will no longer work on devices that do not or cannot meet full Play Integrity attestation.
It's basically a question of time and whether they're willing to end support for older Android versions. When that time comes, our only option will likely be using modded versions of the apps themselves - which likely won't work because of the authenticated server side - or just go without. It's pretty much impossible to hack Play Integrity because of the mechanisms involved - you can "fix" your device in such a way that it will meet
BASIC_INTEGRITY
and
DEVICE_INTEGRITY
, but the
only way to meet
STRONG_INTEGRITY
is by running a completely unmodified Android 8.0+ OS on a locked bootloader.