I had Revolut on my Redmi Note 8 Pro phone for a while. First when rooted, I used Magisk Hide to get around its security. 2-3 years ago my system started bootlopping and I just went with clean vendor ROM (MIUI) instead. Revolut worked fine on the device until this week. I noticed that it first showed some error that the device can't run the app because of potential security risks, such as rooting, unlocked bootloader, etc. After that it switched to brilliant UX of just showing infinite black screen over and over again. - My phone is **not rooted**. - It still has **unlocked bootloader**. - The ROM is **MIUI Global 12.5.15**. So the only potential culprit is unlocked bootloader, but it has been for years now. I don't want to lock it, nor do anything that causes any sort of data loss. E.g. I know I could go back to root + Magisk Hide, but I don't have time for it now. Revolut support was beyond useless and the only useful thing they told me to do was using some SafetyNet check app, which failed the test, with no details as to why. Other than that, they recommended basic troubleshooting I've already tried, like reinstalling, cache clearing, data clearing, restarting the device, etc. And to lose my data with factory reset, Magisk Hide or anything similar. Other banking apps I have, like mBank and Curve, still work problemlessly BTW. Why did Revolut suddenly decide to cut me off from my money? Is it related to some SafetyNet update? I doubt as it said it's deprecated in the SafetyNet test app? Is there any way to get around it **without losing data of other apps**?

I'm currently using my OEM's AOSP distribution with Google Mobile Services pre-installed. However, it's nigh unusably buggy, [\[1\]] [\[2\]] [\[3\]] [\[4\]] [\[5\]] [\[6\]] [\[7\]] so I want to switch to a 3rd-party distribution, still with GMS pre-installed. For this to be viable, I want to ensure that I'll remain able to access [Google Pay](https://play.google.com/store/apps/details?id=com.google.android.apps.walletnfcrel&pcampaignid=web_share#:~:text=Google%20Wallet) and [my bank](https://play.google.com/store/apps/details?id=com.rbs.mobile.android.natwest&pcampaignid=web_share#:~:text=Icon%20image-,NatWest%20Mobile%20Banking,-National%20Westminster%20Bank) , which are both Play Integrity protected (at their point of invocation, rather than installation, like Netlix is). However, LineageOS, /e/OS, and CalyxOS do not guarantee this. WayDroid on postmarketOS doesn't even come close. Irrespective, these can all spoof Play Integrity compliance with a Magisk module, but I don't want the worry that an update to something might ever cause me to lose certification, because I need access to my finances. I'm not directly asking about SafetyNet because I believe that it's been disabled, although if there's useful certification information about it too, I'll be glad to hear it. [\[1\]]: https://issuetracker.google.com/issues/423197817#comment1:~:text=%60com.android.settings/.wallpaper.WallpaperSuggestionActivity%60%20hangs%20the%20OS%20and%20crashes%20when%20resized%20to%20its%20smallest%20size%20with%20%60enable_freeform_support%201%60 . [\[2\]]: https://forum.fairphone.com/t/videos-recorded-via-com-fp5-camera-are-1-s-long/118864?u=rokejulianlockhart [\[3\]]: https://forum.fairphone.com/t/fp5-display-continually-loses-touch-input-when-device-is-charging/115559/18?u=rokejulianlockhart [\[4\]]: https://forum.fairphone.com/t/freeform-mode-windows-previews-are-transparent-in-com-android-quickstep-recentsactivity-view-until-the-activity-is-reinvoked/118055/2?u=rokejulianlockhart [\[5\]]: https://forum.fairphone.com/t/i-am-unable-to-utilise-split-screen-mode-with-3rd-party-launchers/118038?u=rokejulianlockhart [\[6\]]: https://forum.fairphone.com/t/navigation-bar-disappears-on-a14-using-fp5/110086/20?u=rokejulianlockhart [\[7\]]: https://forum.fairphone.com/t/random-screen-dimming-while-brightness-slider-stays-at-100-after-a12-update/93195/454?u=rokejulianlockhart

Imagine the following situation: - The vendor of my phone has stopped providing security patches for the stock OS. - The HW is perfectly fine and powerful enough for years to come, so I'm definitely not willing to replace it just to get access to security patches. - Running a phone OS with unfixed security vulnerabilities makes me uneasy. (It feels insane enough to run a computer at home with an OS that's a year behind on security patches. It's twice as insane to do the same with a device that I routinely take to all kinds of hostile environments and untrusted networks.) - Authors of all kinds of random apps have grown a habit of requiring SafetyNet attestation. - I don't need root access to my phone, and I can live with losing some of the proprietary vendor-provided features. I also don't care too much about running the latest Android version, as long as it's receiving security fixes and is compatible with most apps. I know I have the following two options: - Stick to the stock vendor OS, which is gradually going to become full of security holes. However, SafetyNet passes and I can run all kinds of apps because they feel safe on my device. - Install a custom OS. This will fail SafetyNet, unless I use a tool to hack around it and try to pretend the phone is not rooted. This approach is likely to stop working at some point, leaving me with a device that fails SafetyNet. Thus although my device may have up-to-date security patches, apps will refuse to run because they deem the device insecure. **Is there a third way, which would let me stay up-to-date on security patches while not breaking SafetyNet?** I can imagine something like a pure AOSP system, perhaps built and signed by Google or another vendor, that I could run unrooted and unmodified (relying on vendor drivers through the Treble thing).

Most emulators are easily detectable and can't pass SafetyNet/Play Integrity. Are there any low-level emulators that are not distinguishable from a real device and run a full Android? It should be not just a virtualization but a full ARM emulator that fakes everything a real device would have. It should run on Windows.

## Background : I just sent my phone for screen repairs, but now I’m trying to find out how to pass the payment confirmation on PayPal or my android‑based banking app in order to get it sent back to me. The problem is they both checks for safetynet once installed. Though on my rooted phone, the unmainted MagiskHide is enough to get them working. # Problem : There are many android virtual machines or solutions without emulations like waydroid. But if some of them allows to run Google Play services, none of them pass the safetynet check or have Magisk working on them. **I’m meaning they behave as if they are rooted devices** even when the virtual machine is unmodified.

I am on Pixel 4a running stock Android 12. I was on Magisk 23.x with Lsposed (as Riru is anyway [deprecated](https://github.com/RikkaApps/Riru)) . I had no need of updating to the latest 24.1, since everything was fine and I didn't keep up with latest Magisk changes. Till a banking app update ruined my peace, because it detected root (SBI Yono for Indian readers). All my efforts to circumvent root detection failed @ and I was forced to consider updating Magisk hoping that the *Deny list* feature would help in preventing root detection (though it's not same as Magisk Hide) or else use a compatible root hiding app Shamiko (stable version released a few days ago). This looked to be challenging since **Magisk 24.1 does not support Riru**. So **how do I run Xposed modules like XPrivacyLua, Xposed Edge etc?** This was my biggest worry. Google-fu didn't help, but a vague comment on Reddit gave hope. More search revealed other issues and their solutions, which are in the answer below. It was worth the effort since Zygisk is a key feature of Magisk and I may as well step up my game (and your's). All the best and yes, I won't be updating this to keep up with changes but you hopefully have enough pointers to find your way @Safety-net passed; developer options state hidden;device shows certified in Play Store. Hiding Magisk app 23.x involves jumping through a lot of hoops, so didn't try that.

I have a Moto G7 Plus. I installed the Pixel OS 12 Plus. I installed Magisk 25.1. I enabled both Zygisk and Enforce DenyList. In the DenyList, I only selected the Google Play Services, enabled all the items except com.google.android.gms. I rebooted and installed module MagiskHidePropsConf-v6.1.2.zip. Rebooted and installed module safetynet-fix-Zygisk-v2.2.1.zip. Rebooted and use the terminal to change the props to Google Nexus 6P. Rebooted, run Root Checker. It shows SafetyNet request Failed. CTS profile match N/A. Basic integrity N/A. What else can I do to pass the safetynet?

Further to these questions: * https://android.stackexchange.com/q/207633/131553 * https://android.stackexchange.com/questions/218179/how-to-install-edxposed-on-android-10-without-triggering-safety-net * https://android.stackexchange.com/q/231176/131553 **How does one install Xposed framework on Android 12?** **Notes:** 1. This is a self answered question for the *fourth year* on this subject! Edxposed is still in beta and Android 12 is recently released, so there would be many changes to this answer in future. Since I do not intend to update this answer with developments, others are welcome to add and modify - sadly, in the previous three questions, there hasn't been a single edit barring mine :( , so this may help the diminishing breed of Xposed module enthusiasts. 2. Answer is generic in nature and for issues relating to installation / modules you are better off asking in respective device/module threads in XDA. Moderators are welcome to make this a community wiki if warranted.

I know LSPosed passes SafetyNet on Magisk but I want pass SafetyNet on official Xposed Framework. Is possible with modules like HiddenCore, or maybe a snet.jar or framework patching trick?

In the past,solutions for preventing root detection were centered around safety-net, Magisk hide or XPosed modules like Sudo hide. With Magisk 24.1 plus Magisk Hide isn't an option and modules like Sudo hide aren't being maintained anymore. All revolving around a "frontal attack" of detecting root The sneakier way would be to find other ways to detect the root status based on finding traces of modded framework/ Xposed modules/Lsposed framework and obviously know that device is rooted and refuse to work.Or worse, a combination of both frontal and sneaky detection! As I mentioned here https://android.stackexchange.com/q/245242/131553 , Shamiko seemed to be an option but the adverse comments around it discouraged me. Searching for alternatives to Shamiko, led me to the revelation that there are enough instances already of sophisticated banking/streaming/gaming using "sneaky" ways to circumvent user measures like faking safety-net etc. So, I was getting ready for the future when one of the banking apps I use would turn sneaky and be ready for it. This search led me to an Xposed module which looks promising and (another) self-answered question. **Caveat: YMMV** If you know of another solution, please add as an answer.

Can't use my banking app **nor** pass safetynet Completely Hid the banking app, and *google store*, and *google services* on *Magisk hide*. Also tried **a few relevant *Magisk* modules:** - Magisk Hide props config (default) - Systemless host (default) - Universal SafetyNet fix 2.1.1 - Riru framework - Riru Unshare - Riru MomoHider **Relevant Xposed modules:** - RootCloak - SudoHide - XprivacyLua - Bancontact RootBypasser Also tried *Island*, and applying those modules above to the isolated app. No deal Can't disable OEM unlock, or else TWRP is blocked by some FRP What else can be done ?

Samsung G935F
Lineage OS 15.1 (Oreo 8.1)

Same use to happen before, with S7's original ROM **Important:** I have other Xposed/LSPosed modules that I **need**: - ExSDCard Access Enabler (Magisk) - App Locale 2 - Lucky+Patcher - Jasi Patcher - Disable-FLAG_SECURE - Greenify - Secure Settings - AFWall+ **And apps:** - Titanium backup ------------------------------------------------------- **Second part of the question:** How can I tell HOW the app detects root ? So I can possibly patch the leak... Block services... Make XprivacyLua more effective Maybe this second part is the most relevant here ------------------------------------------------------ **Third (optional) question:** Are there any updated news regarding this cat and mouse fight ? Is someone working against this hardware verification ? Having breakthroughs ?

Recently, Google made security changes which make sure [tag:Safety-Net] fails check when Magisk is installed. This was Tweeted by John Wu (Magisk developer) , [here](https://mobile.twitter.com/topjohnwu/status/1237656703929180160) and [here](https://mobile.twitter.com/topjohnwu/status/1237830555523149824) . Some excerpts: > So here we go, after years of fun messing around using Magisk, it seems that Google FINALLY decided to "fix" SafetyNet to something useful, and that is to use key attestation to verify device status (after 3 years since introduced to Android's platform!) > **Let's face it. Fun is over guys.** (Emphasis added) **Edit:** From [Github](https://github.com/topjohnwu/Magisk/commit/612b51d48f9771a65cfab045f931573f42d3a494) > **Disable MagiskHide by default** > Since SafetyNet CTS is impossible to achieve, leaving MagiskHide on by default no longer serves a purpose. > For more details regarding the latest SafetyNet changes, please check: > https://twitter.com/topjohnwu/status/1237656703929180160 > https://twitter.com/topjohnwu/status/1237830555523149824 > MagiskHide's functionality will continue to exist within the Magisk project as it is still extremely effective to hide modifications in userspace (including SafetyNet's basicIntegrity check). > Future MagiskHide improvements _may_ come, but since the holy grail has been taken, any form of improvement is now a very low priority It looks to me that Google could/should have implemented this earlier but didn't and the CTS check being done from within Magisk wasn't comprehensive. Please demystify this in simple terms (to the extent possible) for folks who don't understand the innards of Android (like me).

Xposed development has been in a limbo with the last update being a [beta released a year ago](https://forum.xda-developers.com/showthread.php?t=3034811) . Die hard fans of Xposed hesitate to upgrade Android, in the absence of Xposed support.This is true for the latest Android Pie as well. Magisk is useful but cannot replace Xposed for deep stuff. Yet another concern is Safety Net getting triggered when Xposed framework is installed through Magisk. What are the alternatives available? Preferably without triggering Safety Net? *Note* : 1. This is a self answered question to share my recent foray into this after upgrading to Pie. 2. Moderators are welcome to make this a wiki Q and A if it attracts more updates or if deemed fit.

Further to these questions: * https://android.stackexchange.com/q/207633/131553 * https://android.stackexchange.com/questions/218179/how-to-install-edxposed-on-android-10-without-triggering-safety-net **How does one install EdXposed on Android 11?** **Notes:** 1. This is a self answered question consolidating information from several threads on XDA / Github/ Twitter and my experience on Pixel 4a to give a helpful start to that dying breed who like to install [tag:XPosed-framework] modules . Edxposed is still in beta and Android 11 is recently released, so there would be many changes to this answer in future. Since I do not intend to update this answer with developments, others are welcome to add and modify - sadly, in the previous two questions, there hasn't been a single edit barring mine :(. Moderators are welcome to make this a community wiki if warranted. 2. Answer is generic in nature and for issues relating to installation / modules you are better off asking in respective device/module threads in XDA.

Further to this question https://android.stackexchange.com/q/207633/131553 **How does one install EdXposed on Android 10?** **Notes:** 1. This is a self answered question consolidating information from several threads on XDA / Github and my experience on Oneplus 7 to give a helpful start to that dying breed who like to install [tag:XPosed-framework] modules . Edxposed is still in beta and Android 10 is recently released, so there would be many changes to this answer in future. Since I do not intend to update this answer with developments, others are welcome to add and modify. Moderators are welcome to make this a community wiki if warranted. 2. Answer is generic in nature and for issues relating to installation / modules you are better off asking in respective device/module threads in XDA.

As widely reported on different sites, and also discussed on this site (here and here ), earlier this year, Google made changes to SafetyNet so that it could detect bootloader/verified boot status even with MagiskHide enabled. The developer of Magisk, John Wu, at that time tweeted that because Google was using the Trusted Execution Environment (TEE), its check on bootloader status could not be defeated. For example, he wrote: > this new update utilizes hardware-based key attestation. It will send an unmodified keystore certificate to SafetyNet servers, verify its legitimacy, and check certificate extension data to know whether your device have verified boot enabled (bootloader status) > > Unless there is serious implementation bugs in your ARM TrustZone (or security co-processor like Google's Titan M), you cannot break the cryptography. He basically concluded: > Let's face it. Fun is over guys. Yet, on March 14, John Wu tweeted: > So apparently CTS is just passing again out of nowhere? Maybe Google is still testing things out? > > I'm over it anyways. Google is apparently willing to use key attestation for detection. Since MagiskHide is still there, people can still always use it as usual. And another tweet from him on April 3 that I didn't quite understand: > THE BIG GOOGLE HAMMER IS BACK! Say bye bye to SafetyNet, we'll (not) miss you... Did that mean Google would somehow be removing SafetyNet, or at least not utilizing its capabilities to detect bootloader status? So there was some doubt beginning to surface in mid March. In my own test in late May 2020, with MagiskHide not enabled, SafetyNet failed, but with MagiskHide enabled and targetting my test app, SafetyNet passed, meaning that MagishHide could still defeat SafetyNet. The test was run on a Pixel 3 with android 10. So, Google may have the capability to detect MagiskHide, and it was working out in the field with real devices, but they have somehow stopped doing that? Does anyone know what is going on with SafetyNet? Was the feature temporarily reverted? Will it be coming back to SafetyNet, and if so, when?

I have a Samsung SM-G973FZGGITV (European Exynos version with Italian csc) upgraded to the stock version of Samsung Android Q. My current fingerprint is samsung/beyond1lteeea/beyond1:10/QP1A.190711.020/G973FXXU7CTF1:user/release-keys and the fingerprint I extracted from the vendor partition is samsung/beyond1ltexx/beyond1:10/QP1A.190711.020/G973FXXU7CTF1:user/release-keys now when I set one of these fingerprints trough the MagiskHide props config module the ctsProfile check still fails, the basicIntegrety check passes so there is hope. Can someone with the same phone upgraded to stock Android 10 version **pass me the fingerprint** of his phone software **when passing the ctsProfile check**? You would be my hero, I tried both listed fingerprints and have no idea why the ctsProfile does not pass. I followed this guide to try to pass SafetyNet MagiskHide props module manual

I am planning to flash Lineage OS 14.1 on my Lenovo p1ma40 to give it a new life. But I often have to do various payment and transactions using banking apps. As you might know , these apps check for safetynet status. But if I unlock bootloader to flash custom ROM, then the safety net status will be definitely tripped. My question is: I learnt that Magisk can hide root status.But if I unlock bootloader then will it be able to hide bootloader status and ensure that safety net doesn't gets tripped?

Under "SafetyNet Check Success", my Magisk shows ctsProfile is not passing? Is there anyway to check on this and figure out why?

I have Samsung Galaxy J7 Core (SM-J701F), I'm running Magisk on my device and I ran the SafteyNet test and it failed. While trying to solve this I tried to change **selinux** state to **enforced** by editing /etc/selinux.config. But when I opened the folder there was no such file! When I run getenforce command it gives me "permissive". Is this a problem and how can I fix it?