Users of Android ROMs or rooted devices are often unable to use certain apps because they make a request to Google to check whether the phone is “safe” or “secure” or whatever wording they use. Is there a way to trick those apps? Pretend to be Google, remove/replace the Google check, or even intercept the check at runtime and return that “everything is alright”?

Games have been hacked, cracked, or whatever for ages. It’s surely possible with Android apps, isn’t it?

  • @[email protected]
    172 days ago

    There are three levels of security, and it depends on what your app will check for.

    Basic: This is essentially insecure at this point, and any app that checks for security will almost certainly check for a higher level. If you root your phone, you will likely just show “basic.” Netflix will be low quality and most banking apps will not work, even if you use the default root features to hide your root.

    Device: This is considered the norm for security checks and current peak efficiency point for accessing secure apps. You can spoof this level of security with Magisk if you are rooted (optionally unlocked), plus Play Integrity Fix as a plugin to Magisk. Note that you have to keep it updated - it is based on spoofing a device fingerprint that is shared at the plugin-level, and which Google periodically blocks. You can also learn to find your own fingerprint if you are tech savvy, but it could still be blocked and can be time-consuming. This is the minimum level to use Google Wallet NFC payments and most banking apps. If done right, Netflix will stream high quality as well.

    Strong: This is the highest level of security, which an app thinks will only be present if you have a fully locked bootloader and are unrooted. Some banking apps require this now, but a year from now, it likely will be the norm. A year ago, this wasn’t able to be spoofed, but now there is something called Tricky Store that can spoof this and show Strong security to apps even when unlocked and rooted. However, it is much more complicated to set up - be prepared to join sketchy Telegram groups and scrounge for elusive security files.

  • @Magister
    52 days ago

    Yes, mostly using Magisk and add-ons. I used it for a couple of years on a rooted device to fool banking apps, Netflix and whatnot, but it’s a cat and mouse game… Android updates something, and the next time you want to tap to pay it does not work; you have to go on XDA and search for the right add-on/trick to fool it again, and 2 weeks later, same thing… after doing it for months/years, it’s boring and annoying…

    Keep a “secure” phone with a locked bootloader for banking/tap to pay etc., and use other phones to tinker with, install ROMs, etc.

    • @kolorafa
      2 days ago

      Best to buy phones where you can relock the bootloader. From memory I can only think of 2 phone manufacturers that allow that: Fairphone and Pixel phones allow you to relock the bootloader.

      I bought a Fairphone 5 with degoogled /e/ OS from Murena to avoid that annoying cat and mouse game. I bought it from the Murena website to get my phone with the degoogled firmware already flashed.

      In my case the bootloader is locked with Google attestation, so 99.9% of apps work, including bank apps with tap to pay. Bank payments that don’t use Google Pay but implement NFC directly work (so apart from Google Pay, other payment methods should work).

      Both my bank apps work with tap to pay, but your mileage may vary.

      I’m happy with my phone. Due to all that, not a single app has had issues with “valid OS checks” because it actually is valid: it came directly from the seller and never got unlocked/flashed.

      It is locked, but I should be able to unlock the bootloader, flash a different firmware version and lock it back up, making the attestation valid again. I haven’t done that yet, so I can’t be 100% sure.

      • blicanteOP
        42 days ago

        /e/ OS and Graphene OS are having trouble with certain banking apps already because “it’s not the original firmware” or something. Some people have reported contacting their banks and explaining how to add exceptions for the specific ROMs, but banks don’t give a fuck.

        I was hoping instead of emulating a “safe” phone, that there would be some way to modify the application for it to never make the safety request.

        • @[email protected]
          22 days ago

          Unfortunately, maintaining hacked forked versions of specific apps is even more time consuming for devs than it is for us to just spoof our security environment on our phones. Popular apps like YouTube have such versions but that’s only because the userbase is there.

          I’ve seen some XDA discussion on hacking apps but you’re actually just learning to become a programmer/hacker at that point. If you have a specific app, and you’re not able to hack it yourself, unfortunately spoofing via Magisk & Tricky Store is the only sustainable way.
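The three verdict levels described further up the thread (basic, device, strong) and the question of whether patching the app itself could skip the check are easiest to understand from the app backend’s side. The Play Integrity verdict is delivered to the app as a token that only Google’s keys (or Google’s decryption endpoint) can open, and the backend then inspects the decrypted JSON. The following is an added example, not code from the thread or from any real app: it evaluates an already-decrypted verdict the way Google’s documentation recommends. The field and label names are the documented ones; the package name, nonce, time window, policy thresholds and sample payloads are constructed for illustration. Note the `appRecognitionVerdict` check: a repackaged APK is signed with a different certificate, so it stops being `PLAY_RECOGNIZED` even if the device itself is fine, which is why spoofing the device environment rather than patching the app is the route the thread keeps coming back to.

```python
"""Server-side evaluation of a decrypted Play Integrity verdict (added example)."""

# Device verdict labels exactly as Google returns them, weakest to strongest.
LEVELS = ("MEETS_BASIC_INTEGRITY", "MEETS_DEVICE_INTEGRITY", "MEETS_STRONG_INTEGRITY")
LEVEL_RANK = {name: i for i, name in enumerate(LEVELS)}


def highest_level(verdict_list):
    """Return the strongest label present, or None if the list carries no level at all
    (an unevaluated or empty device verdict)."""
    ranks = [LEVEL_RANK[v] for v in verdict_list if v in LEVEL_RANK]
    return LEVELS[max(ranks)] if ranks else None


def evaluate(payload, expected_package, expected_nonce, required_level, now_ms,
             max_age_ms=5 * 60 * 1000):
    """Apply the checks a backend should make before trusting a verdict.

    Returns (accepted, reason). Order matters: binding checks (package, nonce,
    freshness) come first so a replayed token is rejected before its content is
    even read.
    """
    req = payload.get("requestDetails", {})
    if req.get("requestPackageName") != expected_package:
        return False, "package mismatch"
    if req.get("nonce") != expected_nonce:
        return False, "nonce mismatch (replayed or foreign token)"
    age = now_ms - int(req.get("timestampMillis", 0))  # Google sends this as a string
    if age < 0 or age > max_age_ms:
        return False, "token too old"

    app = payload.get("appIntegrity", {})
    if app.get("appRecognitionVerdict") != "PLAY_RECOGNIZED":
        return False, "app not recognised by Play (sideloaded or repackaged build)"

    verdicts = payload.get("deviceIntegrity", {}).get("deviceRecognitionVerdict", [])
    level = highest_level(verdicts)
    if level is None or LEVEL_RANK[level] < LEVEL_RANK[required_level]:
        return False, f"device level {level} below required {required_level}"
    return True, f"ok at {level}"


# Constructed sample payloads (hypothetical package name and nonce).
NOW_MS = 1_700_000_000_000
PACKAGE = "com.example.bank"
NONCE = "c2VydmVyLW5vbmNl"


def sample(verdicts, ts=NOW_MS - 1_000, recognised=True, nonce=NONCE):
    return {
        "requestDetails": {"requestPackageName": PACKAGE, "nonce": nonce,
                           "timestampMillis": str(ts)},
        "appIntegrity": {"appRecognitionVerdict": "PLAY_RECOGNIZED" if recognised
                         else "UNRECOGNIZED_VERSION", "packageName": PACKAGE},
        "deviceIntegrity": {"deviceRecognitionVerdict": list(verdicts)},
        "accountDetails": {"appLicensingVerdict": "LICENSED"},
    }


ROOTED_HIDDEN = sample(["MEETS_BASIC_INTEGRITY"])                              # root hidden, no spoof
SPOOFED_DEVICE = sample(["MEETS_BASIC_INTEGRITY", "MEETS_DEVICE_INTEGRITY"])   # fingerprint spoof
LOCKED_STOCK = sample(LEVELS)                                                  # locked bootloader
PATCHED_APP = sample(LEVELS, recognised=False)                                 # repackaged APK

if __name__ == "__main__":
    for name, p in [("rooted", ROOTED_HIDDEN), ("spoofed", SPOOFED_DEVICE),
                    ("stock", LOCKED_STOCK), ("patched app", PATCHED_APP)]:
        for need in ("MEETS_DEVICE_INTEGRITY", "MEETS_STRONG_INTEGRITY"):
            print(name, need, evaluate(p, PACKAGE, NONCE, need, NOW_MS))
```

Run it directly to see which of the four constructed devices passes a "device" versus a "strong" policy. The policy threshold is the app’s choice; the labels themselves, and the fact that the token is bound to a nonce and a timestamp, are why a client-side patch that merely skips the call cannot produce an acceptable result on its own.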

  • @[email protected]
    42 days ago

    MicroG implements Google APIs with minimal tracking. I imagine it will have whatever you mean implemented. Other checks include “update owner” and the presence of Magisk via package name, both of which can be spoofed.

  • bluGill
    22 days ago

    Don’t forget legal action. Depending on exactly what they are checking and where you live you may have a legal case that they are not allowed to check this. If you don’t have that opportunity contact your legislator (whatever that means for your country) and demand it.