Question [Magisk] Google wallet (pay) with magisk

[Danishblunt]

Saw on reddit that some people have issues with google pay, since the new update added some new checks. So here is what you do:
- Update Magisk to 25.2, Update magisk app to 25.2 as well
- Rename Magisk app if you havent already
- [ OPTIONAL ] Add all google apps on deny list (good practice in case google wants to detect root throught their other apps)
- install these modules: https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf and https://github.com/kdrag0n/safetynet-fix
- then:

step 1.) Download any terminal (I use termux)
step 2.) type SU
step 3.) type props
step 4.) edit device fingerprint
step 5.) follow the onscreen promt
step 6.) once successfully changed, reboot device
optional (i didnt have to but you can try) reset google play, play services and google wallet appdata.
step 7.) enjoy working google wallet.

- Reboot

NOTE: Remeber to clear google wallet just in case.

ANOTHER NOTE: If your device is not on this list: https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/common/prints.sh

then you'll have to manually obtain an old fingerprint for your device, its all on here how to do:

MagiskHidePropsConf/README.md at master · Magisk-Modules-Repo/MagiskHidePropsConf

This tool is now dead... Contribute to Magisk-Modules-Repo/MagiskHidePropsConf development by creating an account on GitHub.

github.com

Enjoy.

EDIT: Alternatively try this:
https://github.com/Displax/safetynet-fix/releases/
it wont work for all from what I know but it was successful for some.

 

[deechte]

I'm very grateful for this guide, thank you so much! I'm not an ace at this, rooted my device long ago and simply kept updating.

The recent developments at Magisk got me so confused. I follow the Magisk - The Age of Zygisk thread, but there are so many things I don't understand and problems people have, that I was going to give up. I was still on Magisk v23 because of all of this. And then Google Wallet recently started complaining about root on my device.

So happy I found this thread with a simple step by step approach. After clearing data of the Wallet app, Play Store and Play Services I obviously had to re-add my banking card to it, and I was able to successfully do it. No warnings so far in the app, but I still have to make my first payment.

Update: by now I've been able to pay multiple times without trouble.

Edit: bootloader is unlocked.

 

[LoredoJC]

On my ZE620KL nothing worked, many tries, I waited a few days and it didn't work. Even changing the rom for an official Asus rom (without root) the app kept saying that the device is not safe. It only started to allow contactless payment after relocking the bootloader. I believe that in my case, gpay did not work by detecting the unlocked bootloader.

Edit
The device passed all tests, safenet, Google protect, basic, CTS (with root).

but it still only worked after relocking the bootloader

 

[Clasimodo]

On Samsung I didn't even have to hide Magisk. Magiskhide Props Config did the job. I had Universal SafetyNet Fix already installed, but don't know if that is necessary for wallet to work. I paid in different places without a problem.

 

[oksagi]

Pixel 6 with latest Magisk 25.2.
MagiskHide Props module.
Changed the fingerprint, cleared cache for Playstore, Play services and walled app.
I was able with these steps to pay via wallet yesterday.

Thanks for the workaround!

 

[Rpgilligan85]

This worked for me, I also added google pay and google wallet to the deny list. Thanks for the instructions!

 

[Kaiyum]

Redmi Note Pro 9 with Magisk 25.2 ,Gpay worked fine after this,tho there is no Joyeuse cert(even tho in the list ??) So just changed to other device and now is working <3

 

[Rayfen Windspear]

Update on my Pixel 2. I changed the fingerprint to Pixel 6 and it let me add my card. Netflix updated as well. Looks like they are starting to deprecate some of the *really* older fingerprints.

 

[mj084]

On Samsung I didn't even have to hide Magisk. Magiskhide Props Config did the job. I had Universal SafetyNet Fix already installed, but don't know if that is necessary for wallet to work. I paid in different places without a problem.

Here too on OnePlus 7T - worked some days before using MagiskHide Props Config - now I installed the module and setted a certified Fingerprint and I was able to add my credit card to Google Wallet

 

[Rayfen Windspear]

Another update from me on Pixel 2. Changing the fingerprint from an Android 11 print to 12 caused my Camera app to update, totally breaking it on launch. Had to reverse my fingerprint back to Pixel 2 @ 11 to get my camera back up. I AM running LineageOS on 12 (12.1), but it looks like the Camera app is fingerprint dependent. Appears everything still works on the Pay side. Note that I haven't gotten around to making a payment yet, but the app no longer simply rejects me. I've yet to have it fail without it telling me to get lost from the app beforehand.

Looks like the GPay/Wallet/Play Store only check periodically and cache the results. Seems strange for something they would want to lock down pretty tight like Card payments... but whatever. Works for me at the moment.

I suspect I'll possibly have to mess with my fingerprint eventually again. If/when I do, I'll be sure to report back if it's the device they may have blacklisted, or if it was the Android 11 fingerprint. I'd suspect it's the device, not the OS though. It's certainly getting on the old side

 

[Rayfen Windspear]

Fingerprint back to Pixel 2 at android 11 restored my camera, but after a day or so, killed gpay again . Any other fingerprint makes my camera want to update and break. Going to try several to see what correlation there is between OS and device that causes success. Trying Pixel 3 @ 11 right now. Have to wait for caches to settle before gpay decides I'm kosher again though.

 

[Rayfen Windspear]

Well, now I'm stuck with a choice between a working camera app, and having Pay work . Updating my fingerprint to anything causes the camera app to update and throw an unsupported device error. Manually extracting and installing the camera app causes it to crash unable to load some shared library file.

Leaving the fingerprint on Pixel 2 @android 11 brings back the camera, but breaks Pay for the whole Wallet... Although it has let me add cards/methods without issue, and doesn't whine that I'm rooted when tapping on "not set up" like it does when you are rooted and have zero Pay mitigations.

So now I'm just waiting again to see if it will spring alive again after a bit, and then I'll tackle trying to get the right camera version installed without letting the stupid play store update it.

 

[deechte]

Well, now I'm stuck with a choice between a working camera app, and having Pay work . Updating my fingerprint to anything causes the camera app to update and throw an unsupported device error. Manually extracting and installing the camera app causes it to crash unable to load some shared library file.

Leaving the fingerprint on Pixel 2 @android 11 brings back the camera, but breaks Pay for the whole Wallet... Although it has let me add cards/methods without issue, and doesn't whine that I'm rooted when tapping on "not set up" like it does when you are rooted and have zero Pay mitigations.

So now I'm just waiting again to see if it will spring alive again after a bit, and then I'll tackle trying to get the right camera version installed without letting the stupid play store update it.

If your camera app updates through play store, you could disable automatic updates. If it updates without play store, maybe installing AFWall+ and blocking internet access for it might work?

 

[Rayfen Windspear]

If your camera app updates through play store, you could disable automatic updates. If it updates without play store, maybe installing AFWall+ and blocking internet access for it might work?

I disabled auto update, then I walk away from it and and come back to find it had updated.

As to Pay update. I was changing my fingerprint all day yesterday playing with the camera, but I did a system update overnight, and Pay activated. It's been a while since I've opened recovery and wiped dalvik/cache. LineaogeOS recovery doesn't have that option. I wonder if changing fingerprint then clearing it would avoid having to wait.

 

[Rayfen Windspear]

Now this

Here we go again...

 

[Danishblunt]

Well, now I'm stuck with a choice between a working camera app, and having Pay work . Updating my fingerprint to anything causes the camera app to update and throw an unsupported device error. Manually extracting and installing the camera app causes it to crash unable to load some shared library file.

Leaving the fingerprint on Pixel 2 @android 11 brings back the camera, but breaks Pay for the whole Wallet... Although it has let me add cards/methods without issue, and doesn't whine that I'm rooted when tapping on "not set up" like it does when you are rooted and have zero Pay mitigations.

So now I'm just waiting again to see if it will spring alive again after a bit, and then I'll tackle trying to get the right camera version installed without letting the stupid play store update it.

Well if thats the only issue, why not download a gcam mod for your pixel 2 instead?

 

[ihavenolifee]

What do you do to clear google wallet data if it's embedded in a Pixel 6? Having issues with it currently.

 

[V0latyle]

My phone passed all the tests but would not work with Wallet. Tried fingerprint in props but my phone or variants of not listed. Followed Reddit suggestion of disabling/removing Props and flashing modded safetynet fix 2.32 modded by Displax over normal one. That solved my problem with my Oukitel F150 R2022

The reason for this is that Google has deprecated the SafetyNet certifications in favor of the new Play Integrity API, which uses 3 fields:

MEETS_DEVICE_INTEGRITY

• The app is running on an Android device powered by Google Play services. The device passes system integrity checks and meets Android compatibility requirements. This is replacing SafetyNet's ctsProfile. This is what USNF fixes.

MEETS_BASIC_INTEGRITY

• The app is running on a device that passes basic system integrity checks. The device may not meet Android compatibility requirements and may not be approved to run Google Play services. For example, the device may be running an unrecognized version of Android, may have an unlocked bootloader, or may not have been certified by the manufacturer. This is replacing SafetyNet's basicIntegrity, and means that Play Services has not detected root.

MEETS_STRONG_INTEGRITY

• The app is running on an Android device powered by Google Play services and has a strong guarantee of system integrity such as a hardware-backed proof of boot integrity. The device passes system integrity checks and meets Android compatibility requirements.
  This is replacing SafetyNet's Hardware Attestation, and uses the Android system's Trusted Execution Environment to guarantee process security. This will not pass with an unlocked bootloader, and cannot be spoofed as it specifically relies on hardware security; unlocking the bootloader "breaks" TEE.

The workaround for this is the modded USNF module by @Displax which spoofs an older fingerprint causing apps to fall back to the "old way" of using only the DEVICE and BASIC fields. I imagine at some point in the future, app developers (especially large ones like Google) will eventually remove this fallback in their apps, which will mean that anyone whose device does not pass Play Integrity will not be able to use the app. This will include everyone running versions of Android older than 8.0, when TEE was implemented.

 

[pndwal]

Would you consider possibly boiling this down to a fairly simpler explanation that we can sticky? It's likely this will be the topic of quite repetitive questions going forward.

I tried to explain it somewhat simply here, please let me know how far I missed the mark

Wow.. another thread ... Perhaps we could condense this in @Didgeridoohan's GPay thread?

Anyway, since you asked me to critique, it's there:
https://xdaforums.com/t/discussion-google-pay-magisk-discussion-thread.3906703/post-87274413

PW

 

[arwindr79]

Thanks for the instructions, finally managed to make a payment today. Sprint LG G8 crossflashed to A11, Magisk 25.2, google pay worked fine but broke after the update to wallet. Even though my exact model number wasn't on the fingerprint list, the G8 fingerprint which is listed seems to be working fine.

 

[jono0080]

Saw on reddit that some people have issues with google pay, since the new update added some new checks. So here is what you do:
- Update Magisk to 25.2, Update magisk app to 25.2 as well
- Rename Magisk app if you havent already
- [ OPTIONAL ] Add all google apps on deny list (good practice in case google wants to detect root throught their other apps)
- install these modules: https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf and https://github.com/kdrag0n/safetynet-fix
- then:

step 1.) Download any terminal (I use termux)
step 2.) type SU
step 3.) type props
step 4.) edit device fingerprint
step 5.) follow the onscreen promt
step 6.) once successfully changed, reboot device
optional (i didnt have to but you can try) reset google play, play services and google wallet appdata.
step 7.) enjoy working google wallet.

- Reboot

NOTE: Remeber to clear google wallet just in case.

ANOTHER NOTE: If your device is not on this list: https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf/blob/master/common/prints.sh

then you'll have to manually obtain an old fingerprint for your device, its all on here how to do:

MagiskHidePropsConf/README.md at master · Magisk-Modules-Repo/MagiskHidePropsConf

This tool is now dead... Contribute to Magisk-Modules-Repo/MagiskHidePropsConf development by creating an account on GitHub.

github.com

Enjoy.

Worked a treat on s21 ultra followed step by step now have it working again