Last edited:
MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0
- Thread starter kdrag0n
- Start date
That's what I thought but others have brought it up in recent pages of this thread so I wasn't sure if I was missing something.
This version seems to be working great for me on my Pixel 7 Pro with Feb patch! CTS profile passes consistently now and I am meeting both basic and device integrity. I didn't clear data for anything, just installed this test version over the previous 3.0 mod and all seems good. Thanks a lot for your hard work!
This seems to work on Pixel 7.
Attachments
You sir are a Chad. 7pro CTS passing again as well as MEETS_DEVICE_INTEGRITY.
JakeDHS07
Senior Member
TKruzze
Senior Member
Can confirm it's working on Pixel 7. This is only module installed.
Just want to add that the first time I opened Google wallet I got the message that tap and pay wouldn't work, but after clearing the message I went to my bank and sure enough tap and pay is absolutely working! Thank you Dev!!!
Bear with me, can add cards, haven't tried to GPay yet.
Updated to Mod_3.0, cleared cache Wallet and GPS
reboot and failed Meets_device_integrity, Wallet sees root
In DenyList, unchecked Google Play Protect and for Wallet unchecked lifeboat
cleared cache wallet and GPS
Added cards
still failing Meets_device_integrity, Wallet not warning about root
will update post tomorrow morning after I try to get on the subway
Updated to Mod_3.0, cleared cache Wallet and GPS
reboot and failed Meets_device_integrity, Wallet sees root
In DenyList, unchecked Google Play Protect and for Wallet unchecked lifeboat
cleared cache wallet and GPS
Added cards
still failing Meets_device_integrity, Wallet not warning about root
will update post tomorrow morning after I try to get on the subway
Updated to to "safetynet-fix-v2.3.1-MOD_3.0.zip" on my pixel 6a with stock rom with magisk on it. 2 green checkmarks again! Adding a card to Google wallet works, haven't tested to actually pay with my phone.
Just an update on this, I've noticed that Google wallet occasionally says my device may be jailbroken or running uncertified software and tap to pay won't be available, however it still works and SafetyNet still passes (the pay contactless setup in wallet also says my phone meets security requirements). It didn't happen before on kdrag0n's USNF 2.4.0 (before the background GPS update too presumably) so I'm not sure why this is occurring. Always scares me to see that pop up haha but I suppose as long as tap to pay is still working and SafetyNet is still passing then it's fine.
No luck for me, it still fails using the modded version provided by @Displax 
Related info:
Related info:
- Poco F1 (Beryllium) - PixelOS (A13)
- Magisk Delta (Zgisk enabled, also HideList)
- Cleared both Google Play and Play Services data, restarted device couple times
Attachments
@Displax Pixel 7 Pro with Feb stable and 3.0 and Shamiko works perfectly, normalcy is restored. I don't add play store in deny list when using your mods in deny list to circumvent my phone showing up as a Nexus 6p in the devices list in my Google account under security tab. Thank you once again.
Ignore me. I was able to add cards. We'll see about spending money tomorrow
Last edited:
Similar threads
Top Liked Posts
-
There are no posts matching your filters.
-
4For those using Canary builds
Please be aware that in 25207+ major refactoring (of selinux rule patching) has broken many modules etc... This is likely the cause of issues with hiding using recent builds as Shamiko is affected... Please see discussion in Magisk Discussion thread...
You could revert to 25206 or wait for fixes hopefully in 25211...
PW3[MODULE] [MOD] Universal SafetyNet Fix
Universal SafetyNet Fix [MOD] Magisk module...
forum.xda-developers.com
3
With Integrity and CTS do you refer to the deprecated SafetyNet or the 'new' Play Integrity API?so I'm on android 13, pixel 6a. Got Integrity
and CTS match and also Play Store as Certified. Although, still no google pay or banks access. Any hints to get this working or it this fix not fully functional on 13 as of yet?
Thanks!
Also, are you using USNF from this thread or the newer/better safetynet-fix-v2.4.0-MOD_1.2 from the other thread?
Look into the other USNF thread from Displax and find more info in the thread about GPay
Btw, banking apps do not rely only on PI API - they try many other detections od root, hence you might need (things vary from app to app) Shamiko, Hide My Applist or even the Magisk Delta fork
The best would be to search through the Magisk related threads here on XDA, how the other user(s) solved the root detection from your particular banking or similar app3
Yes! I was trying to find the link for that mod. This worked. Thanks!
-
315Universal SafetyNet Fix
Magisk module
Magisk module to work around Google's SafetyNet attestation.
This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS profile attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.
If you still have trouble passing SafetyNet with this module, use MagiskHide Props Config to spoof a certified device profile. This is a common issue on old devices, custom ROMs, and stock ROMs without GMS certification (e.g. Chinese ROMs).
Android versions up to 13 Beta 3 are supported, including OEM skins such as Samsung One UI and MIUI.
How does it work?
The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.
Ideally, this workaround should be incorporated in custom ROMs instead of injecting code with a Magisk module. See the ProtonAOSP website for more information.
Downloads
Downloads and changelogs can be found on GitHub. The topmost release is the latest.
Latest release
v2.4.0
Highlights
- Play Integrity bypass without breaking device checks or causing other issues
- Disabled use of hardware attestation on Pixel 7 and newer (@anirudhgupta109)
- Updated instructions for newer Android and Magisk versions
- Better debugging for future development
It's taken a while to find a way to bypass Play Integrity that doesn't require spoofing the build fingerprint permanently, but I wanted to make sure this module doesn't cause any unnecessary breakage. Just like the original goal of Universal SafetyNet Fix, this minimizes adverse effects by spoofing dynamically at runtime only when necessary. Enjoy!
If you found this helpful, please consider supporting development with a recurring donation for rewards such as early access to updates, exclusive behind-the-scenes development news, and priority support.
Alternatively, you can also buy me a coffee. All support is appreciated
Source code215So, here is my modification of USNF with Play Integrity API bypass.
It changes fingerprint to old7.1.26.0 (LOL) and apply it only for GMS SafetyNet process (by Zygisk injection), so your original prints/security path level does not change. This avoids many side effects/problems with global props changing.
Updated 3.0:
No words needed, you understand everything yourself
Updated 2.1:
Hide "Enable OEM Unlock" setting
Updated 2.0:
Bypassing DEVICE_INTEGRITY for devices that shipped with Android 13+ (Pixel`s 7 )
Updated:
Drop fingerprint to lowest possible (6.0) to ensure that no one use same Android version
Usage:
1. Delete/disable/reset MagiskHidePropsConfig (if installed).
2. Just install it over old Universal SafetyNet Fix and reboot device.
3. You may be needed to wipe GMS data (not cache) if there is no result immediately.
Many thanks to @1nikolas for integrity checker.
Source code: https://github.com/Displax/safetynet-fix/tree/integrity58So, here is my new modification of USNF with Play Integrity API bypass.
It is now based on top of original v2.4.0 codebase instead of v2.3.1, with adding new hiding algorithm for current realities and some code refreshing.
Changelog:
Version 1.2
* Fix crash and endless tests loop/failing on Android < 9.0 (bug from original version 2.4.0).
* Do not unpatch (revert) changes. To prevent possible tests failing after a while on some ROMs (cross conflicts).
Version 1.1
* Fix KeyStore hook desynchronization (tests randomly failing problem).
Usage:
1. Delete/disable/reset MagiskHidePropsConfig (if installed).
2. Just install it over old Universal SafetyNet Fix and reboot device.
3. You may be needed to wipe GMS data (not cache) if there is no result immediately.
Source code: https://github.com/Displax/safetynet-fix/tree/dev31Folks, the SafetyNet API was depreciated last Month with 'full turndown' slated for June 2024 and the introduction of the new Play Integrity API. It has also become clear that Google apps are simply the first to adopt the long foretold Play Integrity API; all responsible banks are bound to follow suit in short order, and at least before the June 2023 migration deadline.
This means (assuming fully deployed Hardware Key Attestation doesn't come first
) that the need for a 'Universal Play Integrity Fix' has become quite urgent.
We currently have workarounds involving using older fingerprint props by means of MHPC module (similar to fix needed for uncertified ROMs), but success/mileage varies per device and users of regular bank apps / gamers etc on stock devices will all soon be forced to experiment with MHPC prints also... This is hardly ideal.
So I've made an issue report/request on USNF GitHub as follows. This information may be insightful to users here also...
Please let me know here if I have missed anything important, or add any technically relevant details there...
PLEASE DON'T spam that issue with unimportant details or queries... (The previous issue is already burgeoning w/ OT.) That's what this thread is for...
:
Here's hoping...
PW29So, created separate thread for my mod. Welcome)
[MODULE] [MOD] Universal SafetyNet Fix
Universal SafetyNet Fix [MOD] Magisk module...
forum.xda-developers.com
