Possible SafetyNet bypass (theoretically, devs welcome) - Magisk

Wouldn't it be possible to intercept the SafetyNet check and then actually run the check on a device that still passes SN and send back the result? Since Samsung, OnePlus and Google devices are still able to pass SN with custom software, this should be possible.

I think it needs to be rerouted. Spoofed in a way that it doesn't get detected, the same way the methods used in the hacking tool called Lucky Patcher do. And no, I'm not endorsing the app. There's probably a topic about it on the actual Lucky Patcher site, but we're not supposed to really mention that type of tool, even though it can be used in a genuine way...
There was talk on Twitter suggesting the exact same thing you're implying.
https://twitter.com/topjohnwu/status/1238514375150850048?s=09

I'm pretty sure the SafetyNet daemon on your phone generates some sort of result that's based on your phone's fingerprint. This would mean if you'd want to pass SafetyNet on, let's say, a Google Pixel, you'd need another Google Pixel that generates the 'passing SN result' and then pass it to your unlocked Google Pixel. This may be possible but I don't have 2 identical phones for programming.
Also, the Google framework is closed source and very obfuscated, making it very difficult to figure out how SafetyNet actually works. SafetyNet itself checks the Zygote process for changes, so hooking into your Android phone to analyze a true SN pass would theoretically be impossible already. It'd be very hard to route a true SafetyNet result with a locked phone. But, if I can help in any way, I'll be glad to do so. Not experienced enough with how Android 8 and up work to tweak them though.

bomboem said:
I'm pretty sure the SafetyNet daemon on your phone generates some sort of result that's based on your phone's fingerprint. This would mean if you'd want to pass SafetyNet on, let's say, a Google Pixel, you'd need another Google Pixel that generates the 'passing SN result' and then pass it to your unlocked Google Pixel. This may be possible but I don't have 2 identical phones for programming.
Also, the Google framework is closed source and very obfuscated, making it very difficult to figure out how SafetyNet actually works. SafetyNet itself checks the Zygote process for changes, so hooking into your Android phone to analyze a true SN pass would theoretically be impossible already. It'd be very hard to route a true SafetyNet result with a locked phone. But, if I can help in any way, I'll be glad to do so. Not experienced enough with how Android 8 and up work to tweak them though.
Here are my thoughts about this:
I'm not sure if the SN result is only valid for one device and/or for one app.
Afaik the EdXposed Magisk module is able to bypass SafetyNet. I tested it before this and it worked fine. Now the only thing that has changed is that it also checks whether the bootloader is unlocked, in a cryptographically safe way. Afaik Samsung, OnePlus and Google devices should be able to pass that check. OnePlus and Google devices are able to relock the bootloader using a custom key of the rooted phone / custom ROM. Samsung devices don't need to have the bootloader unlocked because of the Download (Odin) mode. Those devices could then be used to spoof anything they want, including the calling app and maybe the fingerprint of the phone.
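The question of what a SafetyNet result is actually bound to is easiest to see from the verifying side. The following is an added example (not code from Magisk, from the thread's posters, or from Google) of the claim checks an app backend performs on the attestation payload: the payload is a compact JWS whose middle part carries a nonce the backend issued, the calling app's package name and signing-certificate digest, a timestamp, and the basicIntegrity / ctsProfileMatch verdicts. The nonce binds the result to one request and the package fields bind it to one app; the claims carry no device identifier. Verifying the JWS signature against the attest.android.com certificate chain is a separate step this example leaves out, and all nonces, digests, package names and timestamps below are constructed placeholders.

```python
"""
Claim checks on a SafetyNet attestation payload (added example).

A SafetyNet attestation is a compact JWS: header.payload.signature, each part
base64url without padding. This code decodes the payload and validates the
claims a backend must check before trusting the verdicts. Signature
verification against the real certificate chain is intentionally omitted.
All sample values are constructed and are not real nonces, digests or apps.
"""
import base64
import json
from typing import Dict, List, Set


def b64url_decode(s: str) -> bytes:
    """Decode base64url without padding, as used in JWS parts."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")


def decode_jws_payload(jws: str) -> Dict:
    """Return the JSON claims of a compact JWS. Does NOT verify the signature."""
    parts = jws.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    return json.loads(b64url_decode(parts[1]))


def check_attestation(payload: Dict, expected_nonce: str, expected_package: str,
                      expected_cert_digests: Set[str], now_ms: int,
                      max_age_ms: int = 120_000) -> List[str]:
    """Return the reasons to reject the claims; an empty list means acceptable."""
    problems: List[str] = []
    # The nonce ties the result to one request the backend issued; a result
    # produced for any other request (e.g. on another device) fails here.
    if payload.get("nonce") != expected_nonce:
        problems.append("nonce mismatch")
    # Package name and signing-certificate digest tie the result to the app.
    if payload.get("apkPackageName") != expected_package:
        problems.append("package name mismatch")
    digests = set(payload.get("apkCertificateDigestSha256", []))
    if not digests or not digests <= expected_cert_digests:
        problems.append("apk certificate digest mismatch")
    # Freshness: reject stale results and results claiming a future timestamp.
    ts = payload.get("timestampMs")
    if not isinstance(ts, int) or ts > now_ms + 60_000 or now_ms - ts > max_age_ms:
        problems.append("timestamp stale or invalid")
    # The two verdicts the thread discusses.
    if payload.get("basicIntegrity") is not True:
        problems.append("basicIntegrity false")
    if payload.get("ctsProfileMatch") is not True:
        problems.append("ctsProfileMatch false")
    return problems


def make_demo_jws(payload: Dict) -> str:
    """Constructed, unsigned demo token (empty signature part) for offline use."""
    header = b64url_encode(json.dumps({"alg": "RS256"}).encode())
    return f"{header}.{b64url_encode(json.dumps(payload).encode())}."


# Constructed sample data (placeholders, not real values).
EXPECTED_NONCE = "PLACEHOLDER-server-issued-nonce-001"
EXPECTED_PACKAGE = "com.example.bankapp"
EXPECTED_DIGESTS = {"PLACEHOLDER-release-cert-sha256-b64"}
NOW_MS = 1_600_000_000_000

GOOD_PAYLOAD = {
    "nonce": EXPECTED_NONCE,
    "timestampMs": NOW_MS - 5_000,
    "apkPackageName": EXPECTED_PACKAGE,
    "apkCertificateDigestSha256": ["PLACEHOLDER-release-cert-sha256-b64"],
    "ctsProfileMatch": True,
    "basicIntegrity": True,
}
# A result produced for a different request and app, then presented here.
REPLAYED_PAYLOAD = dict(GOOD_PAYLOAD, nonce="PLACEHOLDER-some-other-nonce",
                        apkPackageName="com.example.otherapp",
                        timestampMs=NOW_MS - 600_000)


def verify_token(jws: str) -> List[str]:
    return check_attestation(decode_jws_payload(jws), EXPECTED_NONCE,
                             EXPECTED_PACKAGE, EXPECTED_DIGESTS, NOW_MS)


if __name__ == "__main__":
    for name, p in (("good", GOOD_PAYLOAD), ("replayed", REPLAYED_PAYLOAD)):
        print(name, verify_token(make_demo_jws(p)) or "OK")
```

Run stand-alone, the good token passes every check and the replayed one is rejected for its nonce, package name and age. Note what the checks do not do: nothing in the claims identifies the device, which is why the verifier's only defences are the request binding (nonce, short validity window) and the signature over the whole payload that this example leaves to a separate step.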

Related

Magisk Security Risks

I have googled but haven't found an answer:
With the use of Magisk one can root his device and yet use Android Pay
but what risks for the user to have his money used by a thief in possession of his rooted smartphone?
You can remotely wipe the device via Android Device Manager..
But no chance that my Android Pay is used before I wipe the device?
EMJI79 said:
But no chance that my Android Pay is used before I wipe the device?
What if you removed the card that has been setup from Google Wallet Website?
EMJI79 said:
but what risks for the user to have his money used by a thief in possession of his rooted smartphone?
The exact same as a thief in possession of an unrooted phone. The Android Pay root prohibition is a precaution against software security breaches, not physical theft of the phone.
kartikb said:
What if you removed the card that has been setup from Google Wallet Website?
I don't understand you?
I am worrying that the thief or the people who finds my smartphone uses it before I can wipe the phone.
I'd rather have it impossible to use my Android Pay.
I was wondering if Google tried to disable Android Pay on a rooted phone because it would be too easy for someone else to exploit it.
EMJI79 said:
I don't understand you?
I am worrying that the thief or the people who finds my smartphone uses it before I can wipe the phone.
I'd rather have it impossible to use my Android Pay.
I was wondering if Google tried to disable Android Pay on a rooted phone because it would be too easy for someone else to exploit it.
A thief that steals your phone will have the same access as one that steals an unrooted phone.
You need to physically secure your device. This is no different than a bad guy getting hold of your credit card.
This is exactly why a password is required to unlock the phone.
A rooted phone may have data compromised by an application if you grant it root.
This is the issue.
I grant permissions mainly to Titanium Backup and AdAway.
My concern was that someone could use my Android Pay by plugging it into their computer and knowing a little bit of computing.
It seems it isn't the case so I think I'll root the next smartphone I am receiving in a few days.
I also use root to install apps for changing build.prop or dpi/font, if I follow what you say, by denying cellular and wifi access to these apps, I should be safe, right?
I do believe that NFC control and internet access are two separate permissions, and so is the process. Since NFC can work without a SIM, and runs on its own piece of hardware, we can assume that NFC and the phone's radio signal have almost nothing to do with one another. All of your credit card information would actually be stored on the NFC hardware, encrypted, rather than in your phone's system. Evidenced by the fact that banks and phone companies have been offering NFC stick-on accessories for unsupported smartphones. The app only acts as a terminal to let you control your NFC hardware.
So in short, NFC is much safer than a normal credit card; information stored by NFC can't be accessed by any level of phone system access. But a rooted phone might allow others to bypass your screen lock and turn on your NFC.
P/s: build.prop can be edited as easily as using a file manager with root access. Or if you're that lazy, just find a zip file and flash it. Any build.prop editing apps are essentially scams!!
Along with my regular bank account, I use Simple bank. Simple bank is the only card I use in Android Pay.
Their Android app allows you to block and unblock your card instantly. So I'll keep the card blocked all day everyday until I'm about to use it at a terminal/online/ATM to make a purchase. Once it goes through I block it again immediately. If someone gets ahold of my phone when I don't notice, they can try to use Android Pay, but it won't work since I keep it blocked. See? The only real scenario they could get around that is if they steal my phone out of my hands while I'm in line at a store with security cameras, right after I unblock it. In that situation though, I'd just take out my Nexus 5 (main phone is Nexus 6P) and block it on that since I have it installed on both. Any attempted purchases while blocked will be declined. I also like this method because if my card gets skimmed at an ATM / gas station, I'll see declined purchases on the card without actually losing any money. Then I can just report it as stolen / skimmed and have it deactivated and sent a new one.
Here's a link to the bank app if you want to look into it. You apply right from the app and get an account setup (if approved) within a few business days;
https://play.google.com/store/apps/details?id=com.banksimple
I should also note that they only recently (less than a week) started supporting Android Pay. They use a partner bank to back them. It used to be Bancorp, but they switched to BBVA Compass. You'll need the BBVA backing bank to use AP. Bancorp is not supported. I believe they switched everyone to the new partner bank & all new customers use them as well, but it might be worth it to look into their support site or call them yourself to be sure.
Magisk is not altering the system partition
So your apps actually can't be tampered with and people can't get info from apps. The main issue on rooted devices is that people can get the information stored in an app's private database and preferences, so what Magisk is actually doing is moving, or helping, the banking apps (or any apps that need it) to a safer place that is protected from outside activities.

Before Root Google Pay + Samsung Pay

Hi all, I'm still in two minds whether I root my Note 9. I'm not sure I wanna lose Samsung Pay. I'm trying to get Google Pay to work on my rooted S7 to make comparisons but it's not working; I get errors that it's been rooted. I thought Google Pay works with rooted devices? I've followed the instructions such as hiding it in Magisk but it fails SafetyNet... any advice?
Thanks
Some mods will screw SafetyNet and there's nothing you can do about it. For example, Xposed. You should disable all Magisk modules, then try them one at a time until you find the culprit, and see if you can live without it.

SafetyNet issues

Hi, so recently I bought my Mi A2 and then decided to unlock it. All seems well, installing custom rom wasn't a problem at all.
However I find something rather annoying, so here's the thing. After unlocking the bootloader, the device build fingerprint was changed, from jasmine_sprout into taimen, and then Play Protect said my device wasn't certified. Installed Magisk, SafetyNet passes both CTS and basic integrity, but then nothing.
Play Protect now says my device is certified but I can't find some apps that I want to install, which on the stock locked bootloader appear on the Play Store (such as Lens Distortions, Netflix, Torque Drift). Then I figured maybe the device fingerprint was the culprit, but no.
MagiskHide Props Config used, changed the fingerprint into a legit Mi A2, still won't work. Trying another SafetyNet module, still won't work. It makes me wonder, why is this happening?
Previously I was using a Nokia 8 and it didn't have this kind of problem under the same conditions, e.g. unlocked and systemless root with Magisk: Play Protect said the device is certified and these apps that I mentioned before still appeared on the Play Store.
But on the Mi A2? No luck. SafetyNet does work but at the same time it doesn't. Does anyone here understand what might be the culprit of this annoying problem that I have? Tbh I'm really curious about it right now.

Note 9 to root or not to root?

Hey all!
I'll make the long story short: I am stuck on a Korean Note 9 in Europe, which means no Samsung Pay for me.
Now, since I can't get Samsung Pay, and I saw I can't install Google Pay either (not sure why the Play Store wouldn't let me), I have been contemplating, before setting up my Note, maybe rooting it and going stock European ROM.
I have rooted multiple phones in the past, but I am not sure if it's worth it in the present, as the UIs are pretty good and complete.
Now my question is, do I lose anything else by rooting? Could someone ELI10 what that Knox fuse tripping means for future limitations/possibilities? Also, besides my reason to set custom DPI for an app, why else would one root their Note 9 nowadays?
Thanks!
I'm pretty sure you lose Private Folder and maybe Samsung Health if you root. I'd consider rooting only for Viper4Android and the YouTube Background Playback Xposed module. But I saw there is Xposed for non-rooted phones, and the Note 9 has Dolby Atmos, so I think this will be my first Android phone that I won't root (don't even need root anymore).
It is personal preference, but all apps that require Knox will cease to work, so almost all payment apps will be of no use. While the first comment said S Health would no longer work, months ago a workaround was found to get it to work. Many apps I like require root, but there are nonroot workarounds for most of them.
Snowby123 said:
It is personal preference, but all apps that require Knox will cease to work, so almost all payment apps will be of no use. While the first comment said S Health would no longer work, months ago a workaround was found to get it to work. Many apps I like require root, but there are nonroot workarounds for most of them.
And which are specifically the apps that require Knox to work?
I don't know all of them. The only ones I know are Samsung Pay, Samsung Pass, Secure Folder, and Adhell, but development of Adhell ceased months ago. There are definitely more.
I had the same dilemma when I first bought my Note 9. For a couple of seconds. Then, I rooted it as I do with every Android phone I get since 2009.
Any app, website, or service that demands a non-rooted device goes automatically to my black list.

[n9600] SafetyNet failing CTSProfile

With the latest SafetyNet upgrades, SafetyNet will not pass on Android Q; it suddenly stopped working for me while using Magisk.
If anyone is still passing it on the N9600 on One UI 2, let me know if you have a way to fix it, but most methods are not working, so I will have to live without my McDonald's coupons. Google Pay still works though.
This was a security change that Google made on their end, thus the majority of Magisk users had CTS profile failing. As I'm typing this it seems like Google has reverted this change, maybe temporarily.
I also want to know
Hi sir, if you solve that problem tell me as well.
