Related
I have just made successful transaction via Android Pay on my rooted & Xposed Samsung Galaxy S7.
I'm curious to know what is the actual reason for working as I was under impression that Android Pay is guarded by SafetyNet.
My Samsung Galaxy S7 runs Android 7.0 (G930FXXU1DQIC - patch level 8/2017), good old CF-Auto-Root and latest Xposed framework (no systemless root or Magisk). I started using S7 year and half ago and I am rooted from the very beginning. CF-Auto-Root disabled device internal memory encryption (after the last reinstallation). I only use two my own Xposed modules and YouTube AdAway. I block ads via AdAway. (I also disable any system/provisioning updates, security checks, unused system apps - but without using of any 3rd party software or hacks)
As I was thinking Android Pay won't work on my S7, I setup payment card on Samsung Galaxy S5 which I have reinstalled (from LineageOS) to the latest stock ROM (without rooting). Then I gave try my S7 and confirmed the same card for use on that device as well.
First I tried reading card info using "Credit Card Reader NFS (EMV)" which worked fine on both phones in either way so I tried using S7 today in a shop (two days after setup)... and it just worked.
Android Pay version: 1.36.177845727
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Interesting [emoji848][emoji848]
Could you please share your android pay apk? I would like to try
But I have magisk and a lot of modules with xposed, anyway I'll try
Enviado desde mi SM-G930F mediante Tapatalk
The version (name/code) I use is the same as here: https://www.apkmirror.com/apk/googl...id-pay-1-36-177845727-4-android-apk-download/
Before running any SafetyNet checks on my working S7, I will try replicating the setup on rooted S5 first.
EDIT (day later):
After rooting S5, Android Pay reports the "Android Pay can't be used on this device" message. However I used older image for rooting (as I had some issues with latest but will try again). It further confirms that there's some quirk in my setup/configuration that makes it work on S7.
S5 gave me that error shortly after trying reading card via "Credit Card Reader" app - so it seems like a perfect verification without the need to use a real terminal in a shop.
I don't have much time lately but I will be digging deeper...
EDIT (18th January):
Made second payment via Android Pay, this time above the limit requiring unlocking. It still works.
Still no luck with S5 - all SafetyNet checks fail. I'm too scared to actually run any SafetyNet checks on S7 but I guess I could snoop the network and compare the local SafetyNet logs/dbs inside GMS...
moneytoo said:
The version (name/code) I use is the same as here: https://www.apkmirror.com/apk/googl...id-pay-1-36-177845727-4-android-apk-download/
Before running any SafetyNet checks on my working S7, I will try replicating the setup on rooted S5 first.
EDIT (day later):
After rooting S5, Android Pay reports the "Android Pay can't be used on this device" message. However I used older image for rooting (as I had some issues with latest but will try again). It further confirms that there's some quirk in my setup/configuration that makes it work on S7.
S5 gave me that error shortly after trying reading card via "Credit Card Reader" app - so it seems like a perfect verification without the need to use a real terminal in a shop.
I don't have much time lately but I will be digging deeper...
EDIT (18th January):
Made second payment via Android Pay, this time above the limit requiring unlocking. It still works.
Still no luck with S5 - all SafetyNet checks fail. I'm too scared to actually run any SafetyNet checks on S7 but I guess I could snoop the network and compare the local SafetyNet logs/dbs inside GMS...
Click to expand...
Click to collapse
Just curious, is there any progress on this? I'm using latest Magisk with Xposed. One of my local payment app refused to work after a recent Google update. I think Google has strengthened the SafetyNet checking again. I wonder if your S7 is still working after the recent update.
@itandy
I've made over 10 payments, used S7 for setup Android Pay on Android Wear and it still works. I tried running SafetyNet checks and they said that attestation fails (both baseic integrity and cts profile match).
So far my thinking is that it's allowed by design. S7 features fingerprint reader which means (by CTS requirements) it also has embedded secure storage for signing keys (SE/TEE?). The S5 doesn't have that (their fingerprint reader was one of the firsts and didn't use system APIs) so it fall backs to unsecured software keystore implementation. I see that only S7 contains some actual data in table "StorageKey" (in Android Pay db inside GMS).
I tried spoofing "KeyInfo.isInsideSecureHardware()" but maybe I was too late as the device profile was already setup.
I've just realized I should be able to get another device (with fingerprint reader) for testing this theory so I will do that.
moneytoo said:
@itandy
I've made over 10 payments, used S7 for setup Android Pay on Android Wear and it still works. I tried running SafetyNet checks and they said that attestation fails (both baseic integrity and cts profile match).
So far my thinking is that it's allowed by design. S7 features fingerprint reader which means (by CTS requirements) it also has embedded secure storage for signing keys (SE/TEE?). The S5 doesn't have that (their fingerprint reader was one of the firsts and didn't use system APIs) so it fall backs to unsecured software keystore implementation. I see that only S7 contains some actual data in table "StorageKey" (in Android Pay db inside GMS).
I tried spoofing "KeyInfo.isInsideSecureHardware()" but maybe I was too late as the device profile was already setup.
I've just realized I should be able to get another device (with fingerprint reader) for testing this theory so I will do that.
Click to expand...
Click to collapse
Thanks for you response. But still it doesn't make sense to me. S7 is not the only device to have the requirements you mentioned. And specifically Xposed is one major target of SafetyNet. My device with Magisk passed everything without Xposed. But once Xposed is enabled, both ctsProfile and Basic Integrity fails, as expected.
I had the same situation S7 working android pay with root and xposed for the last year , until all of a sudden last week it stopped and now will only work if i disable xposed
is anyone's s7 still working with android pay ,root and xposed ?
or is it just mine that stopped last week ?
Stef
sjpage10 said:
I had the same situation S7 working android pay with root and xposed for the last year , until all of a sudden last week it stopped and now will only work if i disable xposed
is anyone's s7 still working with android pay ,root and xposed ?
or is it just mine that stopped last week ?
Stef
Click to expand...
Click to collapse
I'm not using S7. But my local payment app used to work with Magisk and Xposed until recently. I think a recent Google Play update strengthened the SafetyNet.
@sjpage10
The most recent payment I made with S7 was 9 days ago but that's cause I'm using watch now. I'm still able to read Android Pay card data from S7.
Android Pay version may not actually matter that much as the core for payments is in Google Play Services. I'm currently on version 11.9.75.
moneytoo said:
I have just made successful transaction via Android Pay on my rooted & Xposed Samsung Galaxy S7.
I'm curious to know what is the actual reason for working as I was under impression that Android Pay is guarded by SafetyNet.
Click to expand...
Click to collapse
sjpage10 said:
I had the same situation S7 working android pay with root and xposed for the last year , until all of a sudden last week it stopped and now will only work if i disable xposed
is anyone's s7 still working with android pay ,root and xposed ?
or is it just mine that stopped last week ?
Stef
Click to expand...
Click to collapse
I did a clean install of Superman ROM 2.8.0 by @Tkkg1994 (Android 7.1) + Magisk w/MagiskSU on my Galaxy S7 (SM-G930FD) back in December. With this combination, I was able to pass SafetyNet, and install Android Pay 1.36.177845727 using the Play Store app. I configured it and began using it without issue. I then installed Systemless Xposed, and even though SafetyNet would fail whenever Xposed is activated in Magisk Manager, Android Pay continued to work normally. Even with Xposed activated, the Play Store settings dialog would report "Certified" in the Device certification field. Nevertheless, apps that prohibit distribution to compromised devices (e.g., Netflix, which I don't have installed) would not show up in Play Store searches. Android Pay would still show up, presumably only because it was already installed on my device.
I have been using Android Pay nearly daily every evening at the supermarket across the street without issue until yesterday. During the day, I upgraded to Magisk 15.4 (from 15.3), Magisk Manager 5.6.0 (from 5.5.0), and Systemless Xposed 89.2 (from 89.1). Nothing appeared different; Android Pay continued to open normally. Note that I have NOT been offered (nor installed from any other source) any updates to Google Play Services in recent weeks; I am on 11.9.75. However, when presenting the device at the supermarket's payment terminal last night, I was greeted by a window featuring a red exclamation point in a circle, an image of my credit card, and the verbiage "You can no longer use Android Pay on this phone". There was a link to activate a feedback form, though I didn't submit feedback. When I backed out of the window, things otherwise seemed normal with respect to Android Pay: I was able to browse my various payment methods, explore the settings dialog, etc. I then disabled Xposed momentarily in Magisk Manager, and was once again able to pass SafetyNet. I haven't had the opportunity of try Android Pay again since this incident.
So, like most in this thread, I am trying to understand the relationship between Android Pay and SafetyNet, as well as any other device integrity checks it makes. Based on the experiences reported in this thread by @moneytoo, @sjpage10 and myself, it looks like Android Pay doesn't regularly check SafetyNet, though the Play Store does not offer it to you if your device is failing SafetyNet when you look for it. Obviously, that doesn't preclude sideloading it using an APK from APKMirror or another source.
So, I have a few questions:
It isn't clear to me why Android Pay suddenly stopped working last night. Is this a consequence of my updates, or did something change on the server side? It seems like it might be a bit more than a coincidence that both @sjpage10 and I experienced the same phenomenon within a short period of time.
Is there a convenient way to do complete end to end testing of Android Pay without actually making a charge? It sounds like @moneytoo has some method, but I am not clear what this is.
What does Android Pay actually check to determine if a device is allowed to use it, and when is this checked?
How can I find out the underlying cause of an Android Pay failure? I'll try logcat the next time I attempt to use Android Pay to make a purchase, but any hints on what to look for would be helpful.
Thanks.
@sjevtic
It stopped working for me as well.
So far on every device I tried, Android Pay works perfectly fine offline (for at least few days) but after a device reboot it requires internet connectivity for initialization.
The "Device certification" status in Play Store is cached and doesn't 100% correspond with the actual SafetyNet responses. Apps like Netflis doesn't show up when SafetyNet fails but there's no such protection turned on for Android Pay.
1) Seems like they disabled the responses on servers needed for initialization of Android Pay
2) As I already mentioned, install "Credit Card Reader NFC (EMV)" on second phone and try reading card with that. When this works, Android Pay also works.
3-4) That's the question. I still think it's possible to hack it so Android Pay will continue working on our phones. The key here is that it works offline. It may be a bit cumbersome though (automate rebooting to environment without Xposed to refill new payment tokens).
BTW: At least Android Pay still works on my Android Wear watch (connected to S7).
moneytoo said:
@sjevtic
It stopped working for me as well.
So far on every device I tried, Android Pay works perfectly fine offline (for at least few days) but after a device reboot it requires internet connectivity for initialization.
Click to expand...
Click to collapse
So Android Pay previously didn't need to be online to process payments? Are you suggesting that there was some form of pre-authorization, either for some period of time, dollar amount, or number of transactions for which it will work with no further attempts to connect to a server? And was SafetyNet only checked at the time of this pre-authorization? For what it is worth, I have been online every single time I attempted a transaction to date, so as of the moment I have no additional data to offer here.
The "Device certification" status in Play Store is cached and doesn't 100% correspond with the actual SafetyNet responses. Apps like Netflis doesn't show up when SafetyNet fails but there's no such protection turned on for Android Pay.
Click to expand...
Click to collapse
It doesn't make a lot of sense why the SafetyNet status displayed would be cached, yet a live value would be used to filter apps displayed by the Play store. Nonetheless, observations seem to support this.
1) Seems like they disabled the responses on servers needed for initialization of Android Pay
Click to expand...
Click to collapse
So are you suggesting that now Android Pay goes online for every transaction made, checking SafetyNet at each transaction as well?
2) As I already mentioned, install "Credit Card Reader NFC (EMV)" on second phone and try reading card with that. When this works, Android Pay also works.
Click to expand...
Click to collapse
Ah, ok, I found the app now. That said, it didn't seem to actually be able to read NFC cards, let alone my S7's Android Pay "card" on the HTC One M8 that happened to be sitting in my desk. Just to make sure the app was sane, I tried installing it on my S7 and was able to read my NFC-enabled transit card, but that doesn't help much for these experiments. I can find a different phone on Monday if needed.
Before you responded though, I found a vending machine in the office that accepts NFC payments, and for which I can just cancel the transaction after scanning. I did a couple simple tests with it:
Android Pay transaction with Xposed on (SafetyNet failing): "You can no longer use Android Pay on this phone"
Android Pay transaction with Xposed off (SafetyNet pass): Success/green check mark
Android Pay transaction with Xposed on (SafetyNet failing): "You can no longer use Android Pay on this phone"
In each of these scenarios, I was online. It seems like now SafetyNet has to be passing whenever Android Pay is used to make a transaction. It isn't yet clear whether the phone also has to be online.
I am out of the office today, but can try some other scenarios on Monday if needed (e.g., Android Pay while offline).
3-4) That's the question. I still think it's possible to hack it so Android Pay will continue working on our phones. The key here is that it works offline. It may be a bit cumbersome though (automate rebooting to environment without Xposed to refill new payment tokens).
BTW: At least Android Pay still works on my Android Wear watch (connected to S7).
Click to expand...
Click to collapse
An occasional boot with Xposed off for a "refill" would be manageable; requiring that Xposed be off at every boot during which an Android Pay transaction is made not so much.
Any suggestions? I am happy to help out in any way I can, though sadly I have no significant Android development experience at this point.
Quick update
Over the course of the weekend, I upgraded my phone to Superman ROM v2.9.0, and along the way, I spent some time (that is, more than a few minutes) with my phone booted up without Xposed running. I am not sure if this had any effect, but when I next tried Android Pay on Saturday and then again on Sunday, it worked. In both cases, Xposed was running and the phone was online.
Today, however, Android Pay failed again with the same message I reported earlier. So, that makes me wonder:
Is offline authentication caching working again?
Does the phone need to be booted up for an extended period in a SafetyNet-passing state (Xposed off) to refill the offline token cache?
Is there a way to examine the contents of the offline token cache, and determine the state of remaining tokens, if any?
Thanks.
moneytoo said:
@itandy
So far my thinking is that it's allowed by design. S7 features fingerprint reader which means (by CTS requirements) it also has embedded secure storage for signing keys (SE/TEE?). The S5 doesn't have that (their fingerprint reader was one of the firsts and didn't use system APIs) so it fall backs to unsecured software keystore implementation. I see that only S7 contains some actual data in table "StorageKey" (in Android Pay db inside GMS).
I tried spoofing "KeyInfo.isInsideSecureHardware()" but maybe I was too late as the device profile was already setup.
Click to expand...
Click to collapse
Indeed SE (oldschool sim toolkit), or TrustZone (TEE) is to blame. SafetyNet is consulted only if the pay is, well ... exposed.
I'd advise against releasing yet another safetynet bypass though, as those are promptly coopted by banking trojans and google is forced to update safetynet soon after (magisk didn't work for very long now, did it). Xposed is difficult beast to hide sort of by design.
isInsideSecureHardware
Click to expand...
Click to collapse
I suspect that when you do that, you tell the NFC payment stack that you now sign tokens inside TEE trustlet, but without having TEE...
Hi, hopefully this is a good place for this topic. I had xposed installed. Then I get rid off xposed, safety net pass in magisk but Google play still shows uncertified and when I try to use android pay in shop payment is declined. What to do to make android pay working?
All mobile banking app working fine including barclays, but Google play shows "uncertified" and everytime when I want to use android pay payment is declined.
Could that have something to do with this>>> https://1drv.ms/i/s!AmrrA5rL7BHoiyBizoVNXJirSEPo
Before in settings I had "android pay" now is "g play"
Please help
https://didgeridoohan.com/magisk/Ma...and_other_apps_wont_install_or_doesnt_show_up
I cleared data in Google play app, it show "certificated " in settings in Google play. Safety net check pass but still cannot pay by android pay. Payment get declined as before :crying:
I haven't got any direct experience with Android Pay, but I believe you might also have to start over, clear data for AP and add your card again. I'm just guessing, unfortunately, but I seem to remember reports like that...
Didgeridoohan said:
I haven't got any direct experience with Android Pay, but I believe you might also have to start over, clear data for AP and add your card again. I'm just guessing, unfortunately, but I seem to remember reports like that...
Click to expand...
Click to collapse
I tryed this too and still android pay doesn't work
x7nofate said:
I tryed this too and still android pay doesn't work
Click to expand...
Click to collapse
Flash the attached fix, and you should be good to go afterwards.
guptapunjabi said:
Flash the attached fix, and you should be good to go afterwards.
Click to expand...
Click to collapse
Is not working, I still get message "payment declined" when I try to use android pay
Hello.
I used the Santander UK banking app quite frequently.
I recently rooted my S7 Edge (SM-G935F) with Magisk and installed LineageOS 15.1. I pass safetynet completely, Google Play says my device is certified, and, with Magisk Hide, I pass all checks in RootBeer Sample.
I have enabled Magisk Hide on the Santander UK app, force stopped it, cleared its data, and rebooted my phone.
But when I try to open it, it detects my device as rooted. Are there any ways to get around this, or will I have to use the web version?
Thanks.
You're not alone!
Lots of people are having the same issue, I have already opened a thread for this and have listed the link is below. Feel free to update us when you have further information!
https://forum.xda-developers.com/apps/magisk/magisk-hide-longer-hiding-root-t3823214
Regards
Check this out peeps, i might be onto smt: https://forum.xda-developers.com/showpost.php?p=77240186&postcount=93
Permanent fix
To all those people who are having this issue, there is now a permanent fix to get around this. Please see the following post/thread:
https://forum.xda-developers.com/showpost.php?p=77331765&postcount=99
Mo
I got a rooted (including eDxposed) Galaxy Note 10 Plus (N975F) and planning to buy the GW3 from the USA.
So far I am able to make the phone pass safetynet, work with Gpay. Samsung Health works thanks to the modified apk from xda.
Samsung pay doesn't work on the phone.
As my phones is rooted - Will I be able to use Samsung Pay on the watch? What about ECG, BP and other fitness measurements?
P.S. To the mods - I am not sure if this is the right forum for this question. I wasn't able to find any other GW3 Q&A forum. Please kindly move it to the right forum if this is not it. Thanks.
I have also a rooted phone and wonder if Samsung Pay, ECG, BP and other fitness measurements can be used or not with a rooted phone
I have the same problem, any solution? I was able to have the health monitor app in the watch, but I can't use it as the phone app says my galaxy is rooted.
This may be slightly irrelevant to you, but I'll share my experience. I have the Galaxy Watch 3 paired to a OnePlus 7 Pro, rooted with Magisk, passing safetyNet.
ECG is not working for me (not available in my region).
Samsung Pay is not working for me. I tested with friends' Samsung phones and they don't have Samsung Pay either (therefore not available in my region so I can't test).
I've read on the forums that ECG is not working with rooted Samsung phones. Rooting a Samsung (or unlocking the bootloader, generally) trips KNOX. If you have KNOX tripped, people reported ECG not working and Samsung Pay getting disabled as well. This happened in THE UNITED STATES where ECG and Samsung Pay are usually working.
Don't take my word for it though, read it for yourself
TermoZour said:
This may be slightly irrelevant to you, but I'll share my experience. I have the Galaxy Watch 3 paired to a OnePlus 7 Pro, rooted with Magisk, passing safetyNet.
ECG is not working for me (not available in my region).
Samsung Pay is not working for me. I tested with friends' Samsung phones and they don't have Samsung Pay either (therefore not available in my region so I can't test).
I've read on the forums that ECG is not working with rooted Samsung phones. Rooting a Samsung (or unlocking the bootloader, generally) trips KNOX. If you have KNOX tripped, people reported ECG not working and Samsung Pay getting disabled as well. This happened in THE UNITED STATES where ECG and Samsung Pay are usually working.
Don't take my word for it though, read it for yourself
Click to expand...
Click to collapse
I have one plus 7 pro with magisk and galaxy watch 3 too... I can use galaxy watch 3 as well, no problem. but when I try to use samsung health monıtor app (installed as apk seperately) it says ''samsung healt monıtor does not work with rooted phone''. safety net passed, magisk hide is on and magisk manager packed with different name. no luck
If you have knox tripped phone:
1) rooted :
- samsung pay (watch) not working
- shealth working (including sync!!!) when ro.config.tima fixed using magisk and magisk configbuild module
- samsung health monitor not working
- btw gpay working using sqlfix magisk module
2) unrooted/official/relocked bootloader:
- samsung pay (watch) working
- shealth working partialy (no sync), to use latest version find xpirt patched version, install it, open, agree to terms...then download latest apk on apkpure, install SAI from google store, settings -> sign apks.. install/update using latest apk using SAI.. now you have latest shealth with no online sync working (so forget 3rd party integrations.. google fit, xiomi scale...)
-health monitor working, but doesnt sync with shealth
Search xda for details if confused..
doclucas said:
I got a rooted (including eDxposed) Galaxy Note 10 Plus (N975F) and planning to buy the GW3 from the USA.
So far I am able to make the phone pass safetynet, work with Gpay. Samsung Health works thanks to the modified apk from xda.
Samsung pay doesn't work on the phone.
As my phones is rooted - Will I be able to use Samsung Pay on the watch? What about ECG, BP and other fitness measurements?
P.S. To the mods - I am not sure if this is the right forum for this question. I wasn't able to find any other GW3 Q&A forum. Please kindly move it to the right forum if this is not it. Thanks.
Click to expand...
Click to collapse
Samsung pay watch depends on samsung pay on phone, so if the phone isn't working, you can't use it...
S Health works fine since it's tima in build.prop set from 1 to 0...
However, the BP and ECG in Samsung health monitor, you can grab my modified apk and it will work, the app is guarded against root, not just tima in build.prop, but root apps, busybox, xposed and su commands...
Hope that helps...
Samsung Galaxy Note 20 Ultra Rooted with Galaxy Watch 3...
@Dante63
Thank you.
I already have the watch.
Samsung pay actually works just fine through the watch, although the Spay on the phone doesn't work due to tripped knox.
I tried your modified SHM on the Samsung phone, but it seems to not only check for root, but on Samsung phone it also checks for Knox and then exits with the error that the phone has been modified.
Is there anything you can do to fix it so that it will also skip knox check?
Thanks again
doclucas said:
@Dante63
Thank you.
I already have the watch.
Samsung pay actually works just fine through the watch, although the Spay on the phone doesn't work due to tripped knox.
I tried your modified SHM on the Samsung phone, but it seems to not only check for root, but on Samsung phone it also checks for Knox and then exits with the error that the phone has been modified.
Is there anything you can do to fix it so that it will also skip knox check?
Thanks again
Click to expand...
Click to collapse
SPay works?
EDIT: Yes it does, good catch... thanks for the info...
As for SHM, then i might have not seen tima and it actually checks build.prop... did you change your build.prop, set tima from 1 to 0 and reboot...? Does your Samsung Health work..?
Yes, I changed build.prop and SH works, but SHM doesn't. Can you fix this?
doclucas said:
Yes, I changed build.prop and SH works, but SHM doesn't. Can you fix this?
Click to expand...
Click to collapse
Just to be sure, you grabbed the files from my google drive...?
If you grabbed the Carabana Mod from androidfilehost, that has root detection...
OK, what's the link and which file should I grab?
@Dante63
Just wanted to thank you for modifying the file and removing the root detection.
I downloaded it from your drive and it works perfectly!
[RESTRICTIONS-REMOVED] Samsung Health Monitor - TIZEN - 1.1.3.002 - Root, Age, Country & Device Restriction Removed - 23rd May 2023
Hello Everyone, I hope you all are fine... ~~~ TIZEN WATCHES ONLY ~~~ ~~~ FEATURES, BUGS & FUTURE WORKS~~~ FEATURES: Works on Active2 and Watch3 (as mentioned, Samsung Tizen Watches), Multilanguage, no root detection, no country restriction...
forum.xda-developers.com
doclucas said:
@Dante63
Just wanted to thank you for modifying the file and removing the root detection.
I downloaded it from your drive and it works perfectly!
[RESTRICTIONS-REMOVED] Samsung Health Monitor - TIZEN - 1.1.3.002 - Root, Age, Country & Device Restriction Removed - 23rd May 2023
Hello Everyone, I hope you all are fine... ~~~ TIZEN WATCHES ONLY ~~~ ~~~ FEATURES, BUGS & FUTURE WORKS~~~ FEATURES: Works on Active2 and Watch3 (as mentioned, Samsung Tizen Watches), Multilanguage, no root detection, no country restriction...
forum.xda-developers.com
Click to expand...
Click to collapse
You're most welcome ...
@Dante63
I know it's off-topic, but is it possible to remove root/knox detection from Samsung pay app as well? (the one for the phone, not for the watch)
doclucas said:
@Dante63
I know it's off-topic, but is it possible to remove root/knox detection from Samsung pay app as well? (the one for the phone, not for the watch)
Click to expand...
Click to collapse
Samsung pay and any banking apps are heavily guarded against tempering and modifications, so it's not possible...
Dante63 said:
Samsung pay and any banking apps are heavily guarded against tempering and modifications, so it's not possible...
Click to expand...
Click to collapse
Yes, and still we can get safety-net to pass with the new safetynet-fix magisk module, hide magisk from other apps (including all my banking apps) and able to use them and google pay without a problem now, except for Samsung Pay app. What makes this app so special compared to the other apps I mentioned?
doclucas said:
Yes, and still we can get safety-net to pass with the new safetynet-fix magisk module, hide magisk from other apps (including all my banking apps) and able to use them and google pay without a problem now, except for Samsung Pay app. What makes this app so special compared to the other apps I mentioned?
Click to expand...
Click to collapse
Samsung Pay rely on several Samsung services and framework apks which are also guarded against tampering and have root detection which is not the safety net...
Root detection comes in forms of apps installed, as you can see from Samsung Health monitor, it also would attempt to look for busybox and attempt to call "su" which is Linux command to get root access and try mounting partitions which all on success would trigger flag rooted...
So Samsung pay has additional protections aside the Samsung Health Monitor ways, it is also guarded like all banking apps with encoded strings, in other words, things you don't know what they stand for and the apps names get encoded to be compared with the provided...
Also, as long in download mode it shows custom and not official, Samsung pay won't work, it is not linked to the knox trip since official Samsung ROM works fine with everything despite the device was rooted before, knox now is mainly for voiding warranty...
I'm not much of an expert in this so some of what I said about know and Samsung pay may not be accurate...
The only things I'm sure about is how strongly they are secure against tampering and detection of root in different forms which even by having a folder named "magisk" on the internal memory believe it or not...
Thanks for the thorough and modest answer.
I personally want to believe that nothing is impossible, I guess it's only a matter of time until this will also get hacked.
The only question is - who will really want to use a hacked samsung pay app when it may contain some malwares or god knows what...
doclucas said:
Thanks for the thorough and modest answer.
I personally want to believe that nothing is impossible, I guess it's only a matter of time until this will also get hacked.
The only question is - who will really want to use a hacked samsung pay app when it may contain some malwares or god knows what...
Click to expand...
Click to collapse
I'd rather not use modified apps related to banks and cards or anything sensitive... there is a reason why they tightened the security on them but SMH or apps that have no important info, well I don't mind if my BP or ECG is leaked lol...
Hi everyone, I've been seeking for a solution before posting here, didn't want to bother anyone or clutter the web, but as a last resort...
My device is rooted, props successfully installed and set. Banking app works, Netflix and even McDonald's (which I've tested because i had a cts issue) which is now solved.
The issue now is that i want to activate payments using NFC, but when i open my bank app and try to activate the toggle it shows this error:
"your smartphone does not meet the requirements to use NFC payments.
HCE_INIT_ACTIVATION/ERROR_SECURITY_TRC"
It's not a big issue, but if there is a work around. I would like to know.
Good you have an option alternative to Google Pay in first place (you are probably not in US, right?). I recently has similar question posted on reddit without much success. Let's see what audience will propose here.
Yes indeed i'm from Europe and I'm not using G-Pay because i think every bank here have their own toggle in their apps to activate or deactivate the option: "pay with your smartphone."
I'm also pretty doubtful as to whether there is a solution to this error, however my fingers are crossed.
ScratchTheCat said:
every bank here have their own toggle in their apps to activate or deactivate the option: "pay with your smartphone."
Click to expand...
Click to collapse
There was same case in US 3-5 years ago and then Google Pay took over and now none of the banks supports its own payment feature in app
Did you check Xposed? There are modules to bypass root check in some European banks available, may be at least on will work.
That's some pretty bad news, that means that Europe will most certainly follow soon enough...
I have not tried Xposed or EdXposed yet, I'll look into it tomorrow and try it out depending on the info.
Question; Does Magisk pass the safety test on your device?
Can you find Netflix on the Playstore? = basicIntegrity
Can you use the McDonald's app? = ctsProfile
I'm curious about your case too.
Even when your bank does not support Google Pay yet, you can use PayPal and they draft the payment from your bank account. Or open an additional account with a bank supporting GPay.
ScratchTheCat said:
Hi everyone, I've been seeking for a solution before posting here, didn't want to bother anyone or clutter the web, but as a last resort...
My device is rooted, props successfully installed and set. Banking app works, Netflix and even McDonald's (which I've tested because i had a cts issue) which is now solved.
The issue now is that i want to activate payments using NFC, but when i open my bank app and try to activate the toggle it shows this error:
"your smartphone does not meet the requirements to use NFC payments.
HCE_INIT_ACTIVATION/ERROR_SECURITY_TRC"
It's not a big issue, but if there is a work around. I would like to know.
Click to expand...
Click to collapse
What is this application you are using? Can you provide a link to google play store? And one more question, do you have to register to the banking application to add a card and see this error
Spartacus500 said:
What is this application you are using? Can you provide a link to google play store? And one more question, do you have to register to the banking application to add a card and see this error
Click to expand...
Click to collapse
Yes this is an app of the bank I'm customer of, so you need to be a customer there and have a bank account and a card, plus a card reader to login to the app at first. Which all works as it should, however the NFC "tap to pay" option doesn't work. Due to the error mentioned above. Also apps such as "it's me" also don't work. https://play.google.com/store/apps/details?id=be.bmid.itsme&hl=nl&gl=BE
When I'm off work, I'll try EdXposed.
ava1ar said:
There was same case in US 3-5 years ago and then Google Pay took over and now none of the banks supports its own payment feature in app
Did you check Xposed? There are modules to bypass root check in some European banks available, may be at least on will work.
Click to expand...
Click to collapse
I've tried EdXposed along with it's modules flashed through Magisk. No luck at all.
However EdXposed does show the NFC app in the blacklist which Magisk doesn't.
My banking app doesn't seem to know that the device is rooted until it asks me to turn on NFC.
Ehh idk...