MAGISK MODULE ❯ Universal SafetyNet Fix 2.4.0


antonioxerez

Senior Member
Jun 10, 2013
51
9
You could sideload a zip, yes. Should work the same way as sideloading in TWRP.
Thanks a lot, it finally worked with Magisk alpha so, because it has worked this way, I tried to uninstall magisk alpha and normal magisk and reinstalling normal magisk and it is working as well without any module installed ... so I do not know what happened in the first place... could be that it just needed to make the initial bank app start without rooting and, after this first start, root the device and apply "denylist" in Magisk...
Thanks all of you for your support :)
 
  • Like
Reactions: swer45

swer45

Senior Member
mmmm, I think root permissions are not the issue because I have granted root permissions to alpha Magisk.
Anyway, about flashing a zip from my recovery, I think it is not possible... I have LineageOS recovery, not TWRP. The only option I have is "sideload files". I think this is not the same, or will it work the same way if I rename the apk to zip and sideload it through recovery?
Thanks for answering
The real question is why are you using LineageOS recovery, do you have that ROM? I don't recommend LOS because it doesn't "hack" to bypass detections, use this module to hide LOS: https://github.com/Magisk-Modules-Alt-Repo/sensitive_props/releases/latest
 

antonioxerez

Senior Member
Jun 10, 2013
51
9
The real question is why are you using LineageOS recovery, do you have that ROM? I don't recommend LOS because it doesn't "hack" to bypass detections, use this module to hide LOS: https://github.com/Magisk-Modules-Alt-Repo/sensitive_props/releases/latest
sorry, I thought I had LineageOS recovery but it seems I have "PixelOS recovery" (which could be the same, because the interface is exactly the same as LOS recovery...)
P.S. I tried that module as well with no success... anyway, I finally have bank app working :)
 
  • Like
Reactions: swer45

Essentrix

Senior Member
Apr 4, 2013
911
192
Samsung Galaxy A52 5G
To install Magisk Alpha you need to download the apk and install it, give it root permissions and install directly from the app. After the reboot you can uninstall the older Magisk app.
Or you can completely uninstall Magisk and install Magisk Alpha using TWRP.
Hi,
I can pass SafetyNet on YASNAC but not Play integrity API checker.
Most bank apps work except one.
Currently using Magisk 26.1, hidden, no enforce list, Shamiko, USNF 2 4.0 mod 1.2.
Noticed you mentioned Magisk alpha. How is this different to Magisk 26.1 and can I go back to 26.1 afterwards if it makes no difference?
I'm using rooted stock 13, no TWRP.
 

swer45

Senior Member
How is this different to Magisk 26.1 and can I go back to 26.1 afterwards if it makes no difference?
It's closed source and uses an undetected Zygisk, you can reinstall original Magisk if you don't like Alpha. Also there are 2 Magisk "alpha", the official (called Magisk Canary) and the vvb2060, the good one is the vvb2060 Magisk. You can download it from his Telegram: https://t.me/s/magiskalpha
 
  • Like
Reactions: Essentrix

Mowca

Senior Member
Mar 31, 2018
74
9
Hello
I haven't been able to pay over the phone for a few days.
Yasnac fails "cts profile match" test.
How to solve this problem?
Samsung s10e.
Lineageos 18.1
Magisk 23.0
modules:
MagiskHide Props Config v6.1.2
Universal safetynet Fix v2.4.0 by kdrag0n
 

Essentrix

Senior Member
Apr 4, 2013
911
192
Samsung Galaxy A52 5G
It's closed source and uses an undetected Zygisk, you can reinstall original Magisk if you don't like Alpha. Also there are 2 Magisk "alpha", the official (called Magisk Canary) and the vvb2060, the good one is the vvb2060 Magisk. You can download it from his Telegram: https://t.me/s/magiskalpha
Thanks for the feedback. Do you think it's likely to improve my chances of passing safetynet with play integrity API checker?
 

pndwal

Senior Member
Hi,
I can pass SafetyNet on YASNAC but not Play integrity API checker.
Most bank apps work except one.
Currently using Magisk 26.1, hidden, no enforce list, Shamiko, USNF 2 4.0 mod 1.2.
Noticed you mentioned Magisk alpha. How is this different to Magisk 26.1 and can I go back to 26.1 afterwards if it makes no difference?
I'm using rooted stock 13, no TWRP.
Alpha works because after disabling Zygisk (which you need to do ATM) you have MagiskHide (old style) restored...

You need to hide root from Starling but you cannot use Denylist or Shamiko as both require Zygisk, and even with native bridge loaded Zygisk (already implemented in Alpha, but still not fully hidable as is evident by Starling detections) injection/hooking is detected by memory scanning (or other means?)...
Thanks a lot, it finally worked with Magisk alpha so, because it has worked this way, I tried to uninstall magisk alpha and normal magisk and reinstalling normal magisk and it is working as well without any module installed ... so I do not know what happened in the first place... could be that it just needed to make the initial bank app start without rooting and, after this first start, root the device and apply "denylist" in Magisk...
Thanks all of you for your support :)
Some have reported that Starling app gives you a week's grace from when it detects root until it fails to open... Just a guess on my part, but you may need a non-Zygisk hide solution again when/if that occurs.

🤠 PW
 

Essentrix

Senior Member
Apr 4, 2013
911
192
Samsung Galaxy A52 5G
Magisk Alpha is only required for some apps that detect official Magisk zygote injection. You should pass Play Integrity (device and basic) with official Magisk.
Send screenshot of PI result.
Here's my results for both
 

Attachments

  • Screenshot_20230526_165435_YASNAC.jpg
    330.6 KB · Views: 49
  • Screenshot_20230526_165353_Play Integrity API Checker.jpg
    145.9 KB · Views: 51
  • Wow
Reactions: swer45

pndwal

Senior Member
Hello
I haven't been able to pay over the phone for a few days.
Yasnac fails "cts profile match" test.
How to solve this problem?
Samsung s10e.
Lineageos 18.1
Magisk 23.0
modules:
MagiskHide Props Config v6.1.2
Universal safetynet Fix v2.4.0 by kdrag0n
Disable MHPC... Say if LOS is official or unofficial... ensure you have no mods like selinux switched to permissive flashed from custom recovery... Test with all Magisk modules disabled also, except latest @kdragon USNF... 👍 PW
 

Essentrix

Senior Member
Apr 4, 2013
911
192
Samsung Galaxy A52 5G
Alpha works because after disabling Zygisk (which you need to do ATM) you have MagiskHide (old style) restored...

You need to hide root from Starling but you cannot use Denylist or Shamiko as both require Zygisk, and even with native bridge loaded Zygisk (already implemented in Alpha, but still not fully hidable as is evident by Starling detections) injection/hooking is detected by memory scanning (or other means?)...

Some have reported that Starling app gives you a week's grace from when it detects root until it fails to open... Just a guess on my part, but you may need a non-Zygisk hide solution again when/if that occurs.

🤠 PW
Thanks for the detailed feedback. As you'll see in my feedback to another post, I have mixed results with the current setup.
Not sure of the best way forward.
Still appreciate access to you guys; you're quite an amazing wealth of knowledge!
 
  • Like
Reactions: swer45 and pndwal

pndwal

Senior Member
Thanks for the detailed feedback. As you'll see in my feedback to another post, I have mixed results with the current setup.
Not sure of the best way forward.
Still appreciate access to you guys; you're quite an amazing wealth of knowledge!
Here's my results for both
Please see my reply above to @Mowca...

Please say device, Rom, what mods/modules you have etc...

One thing to note (often causing issues like yours), - passing ctsProfileMatch with basic attestation has been superseded by deviceIntegrity, but requirements have also been heightened, eg you can no longer run without security enhanced linux, ie. with permissive selinux, so ensure you use current modules for mods like Viper4Android that don't alter system security, and that any custom ROM is properly set to enforce selinux. ROMs should only be released to public with selinux working... Permissive disables many requirements for development/testing purposes only; if a rom relies on permissive selinux it's half baked and insecure.
Thanks for the feedback. Do you think it's likely to improve my chances of passing safetynet with play integrity API checker?
No.

🙂 PW
 

pndwal

Senior Member
It's closed source and uses an undetected Zygisk,
Native bridge loading should make Zygisk properly hidable just like N/B-Riru, and it works for many apps that previously detected Zygisk already. My tests and info. here:
https://forum.xda-developers.com/t/discussion-magisk-the-age-of-zygisk.4393877/post-88467665
and in following post...

However it seems that Starling is still able to detect Zygisk, so looks like either more work needs doing on core Zygisk loading etc, or Shamiko (LSP Zygisk companion hiding app) needs further improvement before Zygisk is truly undetectable... This seems to be the crux of the issue with Starling Bank...
you can reinstall original Magisk if you don't like Alpha. Also there are 2 Magisk "alpha", the official (called Magisk Canary) and the vvb2060, the good one is the vvb2060 Magisk.
I think John avoids calling Canary Magisk 'Alpha' partly due to the existence of vvb2060 Alpha fork, and to prevent confusion. 😬
You can download it from his Telegram: https://t.me/s/magiskalpha
... Her telegram. 😉 PW
 
  • Like
Reactions: ipdev

Essentrix

Senior Member
Apr 4, 2013
911
192
Samsung Galaxy A52 5G
Please see my reply above to @Mowca...

Please say device, Rom, what mods/modules you have etc...

One thing to note (often causing issues like yours), - passing ctsProfileMatch with basic attestation has been superseded by deviceIntegrity, but requirements have also been heightened, eg you can no longer run without security enhanced linux, ie. with permissive selinux, so ensure you use current modules for mods like Viper4Android that don't alter system security, and that any custom ROM is properly set to enforce selinux. ROMs should only be released to public with selinux working... Permissive disables many requirements for development/testing purposes only; if a rom relies on permissive selinux it's half baked and insecure.

No.

🙂 PW
A52s 5G rooted stock
Magisk 26.1 no TWRP
Shamiko, systemless hosts,
USNF 2.4 mod 1.2
V4AFX 2.7.2.1 repackaged
Zygisk LSPosed
Corepatch
All latest versions
 
  • Like
Reactions: pndwal

Essentrix

Senior Member
Apr 4, 2013
911
192
Samsung Galaxy A52 5G
WTF, I've never seen that. If you pass Safetynet, you must pass basic Play Integrity... Maybe SELinux problems? It's interesting.
Wow, I'm surprised it's something you guys haven't seen before.
Looked a little weird to me.
Still my most important bank apps work so not a big deal. Google wallet picks up root but don't really need it.
Thanks for being such a great resource. Open if you have any further thoughts.
What's corepatch? PW
A LSPosed module
 
  • Like
Reactions: pndwal

pndwal

Senior Member
Wow, I'm surprised it's something you guys haven't seen before.
I've seen it. Cause was permissive selinux; we can pass SafetyNet (basicIntegrity and ctsProfileMatch) with that but not PI basicIntegrity... This additional requirement would probably have come to S/N except that it's superseded by PI, so this API got the stricter basicIntegrity requirement...

I don't yet know of other reasons (enhanced requirements) however, but it's likely there are others.
Looked a little weird to me.
Still my most important bank apps work so not a big deal. Google wallet picks up root but don't really need it.
Thanks for being such a great resource. Open if you have any further thoughts.

A LSPosed module
Try this: disable all Magisk modules, reboot, clear Google Play Services data, enable only latest @Displax USNF, reboot and check again...

Also, check selinux (in terminal emulator type getenforce with su) and in Play integrity API Checker click <> at top and screenshot raw JSON response... PW
 
  • Like
Reactions: Essentrix
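
What the raw JSON response asked for above contains, seen from the side of an app backend that consumes it (an added example, not part of any post in this thread). Field and label names follow Google's published Play Integrity verdict format; the package name, nonce, freshness window and sample payloads are constructed assumptions.

```python
import time

# Labels Google documents for deviceIntegrity.deviceRecognitionVerdict.
BASIC = "MEETS_BASIC_INTEGRITY"
DEVICE = "MEETS_DEVICE_INTEGRITY"

EXPECTED_PACKAGE = "com.example.bank"  # hypothetical app id
MAX_AGE_MS = 5 * 60 * 1000             # assumed freshness window


def evaluate_verdict(payload, expected_nonce, now_ms=None, required=DEVICE):
    """Return (accepted, reasons) for a decoded integrity verdict.

    `payload` is the JSON after decryption and signature verification;
    that step is out of scope here.
    """
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    reasons = []

    # Bind the verdict to this app and this request before trusting any label.
    req = payload.get("requestDetails", {})
    if req.get("requestPackageName") != EXPECTED_PACKAGE:
        reasons.append("package name mismatch")
    if req.get("nonce") != expected_nonce:
        reasons.append("nonce mismatch (possible replay)")
    try:
        age = now_ms - int(req.get("timestampMillis", ""))
    except (TypeError, ValueError):
        age = None
    if age is None or age < 0 or age > MAX_AGE_MS:
        reasons.append("stale or missing timestamp")

    # The device verdict is a list; an empty list means no tier was met.
    labels = set(payload.get("deviceIntegrity", {}).get("deviceRecognitionVerdict", []))
    if required not in labels:
        reasons.append(f"missing {required}; device labels: {sorted(labels) or 'none'}")

    app = payload.get("appIntegrity", {}).get("appRecognitionVerdict")
    if app != "PLAY_RECOGNIZED":
        reasons.append(f"app verdict is {app}")

    return (not reasons, reasons)


# Constructed sample data, not taken from the thread's screenshots.
SAMPLE_NOW_MS = 1_685_120_000_000
SAMPLE_NONCE = "c2FtcGxlLW5vbmNlLTAwMDE"


def sample_verdict(labels, nonce=SAMPLE_NONCE, timestamp_ms=SAMPLE_NOW_MS - 2_000):
    return {
        "requestDetails": {
            "requestPackageName": EXPECTED_PACKAGE,
            "nonce": nonce,
            "timestampMillis": str(timestamp_ms),
        },
        "appIntegrity": {"appRecognitionVerdict": "PLAY_RECOGNIZED"},
        "deviceIntegrity": {"deviceRecognitionVerdict": list(labels)},
    }


if __name__ == "__main__":
    for labels in ([BASIC, DEVICE], [BASIC], []):
        result = evaluate_verdict(sample_verdict(labels), SAMPLE_NONCE, SAMPLE_NOW_MS)
        print(labels, "->", result)
```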

Top Liked Posts

  • 9
    New huge update for the Xposed module; also, the repo is now in the LSPosed repo, so it will appear in the LSPosed app. You will want to install it :D

    Screenshot_2023-05-11-16-51-55-199_io.github.vvb2060.keyattestation.jpg
    Screenshot_2023-05-11-16-51-59-407_io.github.vvb2060.keyattestation.jpg

    As you can see, now the module will spoof a locked bootloader with a verified boot state in RootOfTrust. This should work on all devices that have a TEE or StrongBox. If it crashes for anyone, tag me and I will try to fix it.

    Also I'm working on a Magisk module (Zygisk), but it's difficult XD.
    5
    Screenshot_2023-05-11-18-19-07-241_com.CIB.Digital.MB.jpg

    With this module you can start the CIB Egypt Mobile Banking app, which is the only app I know of that checks if you have an unlocked bootloader. Enjoy 😎😎😎
    5
    That's why I hate Lineage, I don't understand that "rules"...
    'Hate' is a strong word!...

    Anyway, when the original CyanogenMod bundled all proprietary GApps for one thing, Google issued their infamous "Cease And Desist" order and Steve Kondik thought his baby was dead!...

    However Google were quick to clarify that although custom OS's could not legitimately bundle GApps (Nb. other ROMs still do), users are welcome to 'sideload' the same (as devices themselves are generally certified through CTS while custom ROMs are not)...

    So OpenGapps was formed to offer legitimised separate packages, Steve continued with CM project, users continued to use vanilla CM (and later LOS) with proprietary Google Apps, and all in the custom mod world was sweet again...

    Of course Google must have realised they nearly shot themselves in the foot with that action, but they scrambled to offer a solution / compromise that wouldn't result in the death of CM or custom ROMs as we know them...

    I think the Lineage team simply see that Google is actually the custom modders benefactor and is (in reality) supportive of them and custom mods/ROMs in general if Devs play by the rules, and LOS is simply willing to do so...

    Also, they are in the best position to get their custom ROM approved/certified in future (see my post above) by being careful 'not to subvert Google's security model' by tampering expected signals... Note that Magisk now follows this same policy, and I think that's not just because John is a Googler now; it's also a sign of his maturity as a responsible dev...

    And ensuring that the main custom mods (ROM, root/overlay framework) comply in no way prevents "those passionate about hiding" from "doing their job"!... Both history and you are proving that.

    Personally I think LOS is great and follows a great tradition! 🙃 PW
    3
    Tested with all my devices with different ROMs. PE, OctaviOS, AncientOS, EvolutionX and Bootleggers 😉
    <SNIP>
    Also, those ROMs already have a fix hardcoded. @kdrag0n said it's better:
    View attachment 5910631
    Yeah... Maybe most custom ROMs now integrate SNF (per Proton model) or other spoofing... But what about Stock ROM users... 😉
    <SNIP>

    Just to mention, official LineageOS builds are not allowed to include 'hacks' like this.

    LineageOS Charter - [Github] - SafetyNet
    "- All devices MUST NOT alter SafetyNet validation responses."

    Cheers. :cowboy:
  • 324
    Universal SafetyNet Fix
    Magisk module

    Magisk module to work around Google's SafetyNet attestation.

    This module works around hardware attestation and recent updates to SafetyNet CTS profile checks. You must already be able to pass basic CTS profile attestation, which requires a valid combination of device and model names, build fingerprints, and security patch levels.

    If you still have trouble passing SafetyNet with this module, use MagiskHide Props Config to spoof a certified device profile. This is a common issue on old devices, custom ROMs, and stock ROMs without GMS certification (e.g. Chinese ROMs).

    Android versions up to 13 Beta 3 are supported, including OEM skins such as Samsung One UI and MIUI.

    How does it work?
    The way this workaround works is relatively low-level. An in-depth explanation, as well as source code and ROM changes, can be found on GitHub.

    Ideally, this workaround should be incorporated in custom ROMs instead of injecting code with a Magisk module. See the ProtonAOSP website for more information.

    Downloads
    Downloads and changelogs can be found on GitHub. The topmost release is the latest.

    Latest release
    v2.4.0

    Highlights
    • Play Integrity bypass without breaking device checks or causing other issues
    • Disabled use of hardware attestation on Pixel 7 and newer (@anirudhgupta109)
    Other changes
    • Updated instructions for newer Android and Magisk versions
    • Better debugging for future development
    This version only supports Zygisk (Magisk 24 and newer).

    It's taken a while to find a way to bypass Play Integrity that doesn't require spoofing the build fingerprint permanently, but I wanted to make sure this module doesn't cause any unnecessary breakage. Just like the original goal of Universal SafetyNet Fix, this minimizes adverse effects by spoofing dynamically at runtime only when necessary. Enjoy!

    If you found this helpful, please consider supporting development with a recurring donation for rewards such as early access to updates, exclusive behind-the-scenes development news, and priority support.
    Alternatively, you can also buy me a coffee. All support is appreciated ❤️

    Source code
    222
    So, here is my modification of USNF with Play Integrity API bypass.

    It changes fingerprint to old 7.1.2 6.0 (LOL) and applies it only for GMS SafetyNet process (by Zygisk injection), so your original prints/security patch level does not change. This avoids many side effects/problems with global props changing.

    Updated 3.0:
    No words needed, you understand everything yourself 😜

    Updated 2.1:
    Hide "Enable OEM Unlock" setting

    Updated 2.0:
    Bypassing DEVICE_INTEGRITY for devices that shipped with Android 13+ (Pixel`s 7 )

    Updated:
    Drop fingerprint to lowest possible (6.0) to ensure that no one uses the same Android version

    Usage:
    1. Delete/disable/reset MagiskHidePropsConfig (if installed).
    2. Just install it over old Universal SafetyNet Fix and reboot device.
    3. You may need to wipe GMS data (not cache) if there is no result immediately.

    Many thanks to @1nikolas for integrity checker.

    Source code: https://github.com/Displax/safetynet-fix/tree/integrity
    58
    So, here is my new modification of USNF with Play Integrity API bypass.

    It is now based on top of original v2.4.0 codebase instead of v2.3.1, with adding new hiding algorithm for current realities and some code refreshing.

    Changelog:

    Version 1.2
    * Fix crash and endless tests loop/failing on Android < 9.0 (bug from original version 2.4.0).
    * Do not unpatch (revert) changes. To prevent possible tests failing after a while on some ROMs (cross conflicts).

    Version 1.1
    * Fix KeyStore hook desynchronization (tests randomly failing problem).


    Usage:
    1. Delete/disable/reset MagiskHidePropsConfig (if installed).
    2. Just install it over old Universal SafetyNet Fix and reboot device.
    3. You may need to wipe GMS data (not cache) if there is no result immediately.

    Source code: https://github.com/Displax/safetynet-fix/tree/dev
    33
    So, created separate thread for my mod. Welcome)

    31
    Folks, the SafetyNet API was deprecated last month with 'full turndown' slated for June 2024 and the introduction of the new Play Integrity API. It has also become clear that Google apps are simply the first to adopt the long foretold Play Integrity API; all responsible banks are bound to follow suit in short order, and at least before the June 2023 migration deadline.

    This means (assuming fully deployed Hardware Key Attestation doesn't come first 😬) that the need for a 'Universal Play Integrity Fix' has become quite urgent.

    We currently have workarounds involving using older fingerprint props by means of MHPC module (similar to fix needed for uncertified ROMs), but success/mileage varies per device and users of regular bank apps / gamers etc on stock devices will all soon be forced to experiment with MHPC prints also... This is hardly ideal.

    So I've made an issue report/request on USNF GitHub as follows. This information may be insightful to users here also...

    Please let me know here if I have missed anything important, or add any technically relevant details there...

    PLEASE DON'T spam that issue with unimportant details or queries... (The previous issue is already burgeoning w/ OT.) That's what this thread is for... 😛 :

    Please make 'Universal Play Integrity Fix' ... #204

    Fixes to expand 'Universal SafetyNet Fix' to become a 'Universal Play Integrity Fix' are needed.

    The SafetyNet Attestation API is deprecated and has been replaced by the Play Integrity API.
    https://developer.android.com/training/safetynet/deprecation-timeline

    New Play Integrity API is rolling out from June 2022, and evidently Google Play Store and Google Pay/Wallet are already using its verdict.

    June 2023 is the Migration Deadline for app developers. This will also allow their older app versions to continue working with SafetyNet API for a limited time.

    June 2024 is the End of life for SafetyNet API; its attestation will no longer work for any app version, and apps will receive an error.

    The new Integrity API has more strict requirements for passing attestation, and this seems to be enforced in Android 11+ particularly.

    Currently (evidently due to this), device security issues are detected by

    1. Google Pay/Wallet, which may state "You can't pay contactless with this device...(Your phone doesn't meet software standards)" on updating or attempting to add a card despite in-app Contactless setup stating "You're ready to pay contactless with your phone (Your phone meets security requirements)", and
    2. Google Play Store, which may no longer show apps like Netflix w/ Android 11+ (developers can 'exclude devices from their app's distribution based on their device integrity. Device exclusion is based on the latest device integrity verdict that the Play Store app receives from the Play Integrity API') despite in-app settings showing Play Protect 'Device is certified' result.
    I'm guessing that the 'passing' messages based on the old SafetyNet API are likely to be realigned soon.

    A workaround that evidently allows Play Integrity API attestation to pass (and solve Wallet / Play Store issues also) has been discovered. It involves spoofing an earlier certified ROM, generally by using MagiskHide Props Config module to change fingerprint prop to one for Android 10 or earlier.

    Undoubtedly other apps will begin to detect broken TEE etc / fail as they migrate or begin integrating the Play Integrity API.

    A 'Universal Play Integrity Fix' will evidently require more understanding / research into how the fingerprint prop is used, and possibly other new behaviours.

    Here's hoping... 🙃 PW