Android pay in a virtual machine - Android General

What are the chances/practicalities of setting up a pared down VM to run Android Pay and other apps and just passing hardware like nfc through to them?
Google has been doing their best to block root users from using Android Pay and who knows, they might even decide you have to pass a safetynet check just to use play services eventually (I mean why not if it's more "secure.")
Honestly though, I wish they'd just give the option to use the old Google Wallet method. Bank/reward point pass through was never something I needed anyway.

Related

Google's Bloatware!

I bought the nexus 6 today and hate the google bloatware more than any other bloatware. When Samsung or Sony or insertcompanyhere has bloatware on their phones it makes people angry. Why do these companies continue to pump resources into developing **** no one wants to use or deal with? I don't know, and I don't believe they know either. No one makes me as angry as google in this game though, because I can't shake the feeling that they should just know better. Almost all of googles preinstalled apps can not be removed. Why? Every other app requires me to have interest, download it, use it, and then uninstall it when I lose interest. Why does google think their apps are an exception, so much so that they design android software to break if you try to remove their garbage? Can someone, anyone, link me a resource that can show me how to get rid of every google app from my phone? I don't want it disabled, I want it obliterated from my cell phone. Google +, Google Maps, Google Hangouts, Google everything but the market. Can this be done? If the baby has to be thrown out with the bathwater, what rom will give me stock android with google play ONLY, and how do I install it. And can anyone explain to me why google is so scared of their apps not being used that they consistently shove it down the throats of humanity with such violent, unrelenting force? Why can they not have all of their apps that lots of people use available for download on the market, and sell the nexus 6 with nothing but the market, giving everyone the OPTION to download their applications, and the OPTION to uninstall it when they are done, or not install it to begin with? I pray for that day to come!
Warlock10000 said:
I bought the nexus 6 today and hate the google bloatware more than any other bloatware. When Samsung or Sony or insertcompanyhere has bloatware on their phones it makes people angry. Why do these companies continue to pump resources into developing **** no one wants to use or deal with? I don't know, and I don't believe they know either. No one makes me as angry as google in this game though, because I can't shake the feeling that they should just know better. Almost all of googles preinstalled apps can not be removed. Why? Every other app requires me to have interest, download it, use it, and then uninstall it when I lose interest. Why does google think their apps are an exception, so much so that they design android software to break if you try to remove their garbage? Can someone, anyone, link me a resource that can show me how to get rid of every google app from my phone? I don't want it disabled, I want it obliterated from my cell phone. Google +, Google Maps, Google Hangouts, Google everything but the market. Can this be done? If the baby has to be thrown out with the bathwater, what rom will give me stock android with google play ONLY, and how do I install it. And can anyone explain to me why google is so scared of their apps not being used that they consistently shove it down the throats of humanity with such violent, unrelenting force? Why can they not have all of their apps that lots of people use available for download on the market, and sell the nexus 6 with nothing but the market, giving everyone the OPTION to download their applications, and the OPTION to uninstall it when they are done, or not install it to begin with? I pray for that day to come!
Click to expand...
Click to collapse
Let me see. Your using a Google OS on a Google device. All you need is root to remove these apps. If you search will find a project that is android without Google, but mind you that without Google's services you will lose alot of the abilities of the OS

The status of Android without a Google Account

Hi everyone,
I have been researching and I've compiled a list of all the options available to use an Android device with Cyanogenmod without a Google account and I was wondering if anyone has a better solution considering the options I've found are all lacking.
Here is what I found including the issues for each option:
- Amazon web store (Not every app is available)
- Third party repositories, like apkmirror (Security implications of running apk that anyone can upload)
- F-Droid (Not every app is available)
- Getting the apps I need from the play store once and then backup the apks with a file manager (No updates) or I am going to need a different phone with a Google account and the play store.
Moral of the story, it's not easy to run an android phone without a google account.
Ps. A solution that I think could work (but I wasn't able to find a project that works) is an open source apk downloader (maybe on github) that get the apps straight from google via command line but all the projects I've seen are either out of date or not working...
Any suggestion is really appreciated! Thank you all!
Keep an android device with google play installed, then move the apks of things i really want, or bought already.
But honestly, after some choices I've made (running my own dropbox-like service on my server) I could definitely live with just F-Droid. Of course I'm not using some stuff like facebook or snapchat, so my needs in terms of apps isn't as extensive as others. Sometimes it does feel like i'm hamstrung when the next new fad comes and goes, but I'll live without them.
surfinpika said:
Keep an android device with google play installed, then move the apks of things i really want, or bought already.
But honestly, after some choices I've made (running my own dropbox-like service on my server) I could definitely live with just F-Droid. Of course I'm not using some stuff like facebook or snapchat, so my needs in terms of apps isn't as extensive as others. Sometimes it does feel like i'm hamstrung when the next new fad comes and goes, but I'll live without them.
Click to expand...
Click to collapse
Hi surfinpika,
thanks for your input, I am starting to feel like your solution (of having a separate device with just the google account setup) is the cleanest option.
I am not into facebook or snapchat or the next fad either... but f-droid wouldn't cut it for me, stuff like keepass2android or some of the other apps I use are definitely not there. I wonder what are the security implications of using F-Droid compared to getting the apks from apkmirror. Considering my level of paranoia I wouldn't feel safe with either option.
_polymar said:
Hi surfinpika,
thanks for your input, I am starting to feel like your solution (of having a separate device with just the google account setup) is the cleanest option.
I am not into facebook or snapchat or the next fad either... but f-droid wouldn't cut it for me, stuff like keepass2android or some of the other apps I use are definitely not there. I wonder what are the security implications of using F-Droid compared to getting the apks from apkmirror. Considering my level of paranoia I wouldn't feel safe with either option.
Click to expand...
Click to collapse
One issue I can think of with this approach is that both the device with google play store and the device where the apps are going to be installed will require the same CPU architecture.
Won't be able to download the apk on a cheap android (most likely ARM) and install it on ARM64...
_polymar said:
One issue I can think of with this approach is that both the device with google play store and the device where the apps are going to be installed will require the same CPU architecture.
Won't be able to download the apk on a cheap android (most likely ARM) and install it on ARM64...
Click to expand...
Click to collapse
Yeah, luckily my back up is the same architecture as my non-gapps phone.
And there are also ways of getting some of the apks straight from the sources, like keepass2android from the project's website. but even if it is google, they sort of give a sense of security in that the apk won't be messed with.
It's such a mess though otherwise, hard to separate the google from the android, and no other viable OSs are any better. hope some competition at least makes a nice little niche to get away from the big G.

Mate 30 pro GSF ID

i am wanting to get a mate 30 pro and of course install google services on it...
in almost every video tutorial i saw whether its the mate 30 pro or the mate 30 or the p40 the GSF ID is always the same.
the GSF ID is supposed to be unique to every device yet in these videos they are all the same (see below the two i got from videos).
so in essense 100's if not 1000's of people using the restore method are using the same GSF ID? isnt that dangerous to the google play account its lined to?
I am also curious whether this has to do with the backup we're restoring to the phone.
Also, i am spooked by the big G application. who knows what backdoor it maybe opening?
3db5868d120809ca
3497da632b1481ce
The big G is the lz play exploit app. I used it to get GMS on my mate 30 Pro last year when it was still an easy fix. I have noticed nothing but I did uninstall it after the fix. Not sure about the most recent fixes? As for the G Id, this could be something like one of Microsoft bulk licensing where one product Id is put on loads of the same PCs ( Dell, HPs etc), not sure but could be something like that? It is obviously from a working account that has been backed up though and copied. But if you need to use GMS, then there is not much choice really.
Is there a working option without crutches now?
Aliexpres now sell phones with Already Installed Google Services
Sathelp said:
The big G is the lz play exploit app. I used it to get GMS on my mate 30 Pro last year when it was still an easy fix. I have noticed nothing but I did uninstall it after the fix. Not sure about the most recent fixes? As for the G Id, this could be something like one of Microsoft bulk licensing where one product Id is put on loads of the same PCs ( Dell, HPs etc), not sure but could be something like that? It is obviously from a working account that has been backed up though and copied. But if you need to use GMS, then there is not much choice really.
Click to expand...
Click to collapse
Thanks for the reply.
I understand your explanation but as i read about the GSF ID its like a car license number or rather a serial # for a device. this ID could be tied to your google account or rather device serial #.
I now understand why when installing and uninstalling the framework you have to keep retrying to get the ID back...i think its a hole in the google system where it just gives up and assigns it to you.
I dont know. I feel this is dangerous that all of us are sharing one GSF ID from a backup.
If the device was able to be rooted you can generate a new one.
i am sure the people that generated this backup had rooted their device because when the device first launched there was a service to unlock the bootloader. now its no more.
this is the article i am talking about that concerns the GSF ID:
https://blog.onyxbits.de/what-exactly-is-a-gsf-id-where-do-i-get-it-from-and-why-should-i-care-2-12/
LamerOk said:
Is there a working option without crutches now?
Aliexpres now sell phones with Already Installed Google Services
Click to expand...
Click to collapse
they are probably using the methods everyone is using, putting the phone back in the box and shipping it. i see no other solution. unless root and thats not possible since bootloader unlock services for the device has stopped.
That was how my mate 30 Pro arrived but I reset it and used the lzplay method when it worked back then myself for the sake of it. Good read above, I think we will have to wait a while to see what happens next.
Sathelp said:
That was how my mate 30 Pro arrived but I reset it and used the lzplay method when it worked back then myself for the sake of it. Good read above, I think we will have to wait a while to see what happens next.
Click to expand...
Click to collapse
I think we should no longer hope that the USA will grant Google the authorization to work with Huawei seen the tensions between China and the US and the Covid-19 story. I have google spy services up and running since late last year and have no issue, granted my use of google apps is very limited. If we have a backdoor installed through lzplay we will never know but if you have google, wattsapp, fakebook etc installed you can be sure you will be tracked, profiled in one way or the other. That is a fact.
cfds said:
I think we should no longer hope that the USA will grant Google the authorization to work with Huawei seen the tensions between China and the US and the Covid-19 story. I have google spy services up and running since late last year and have no issue, granted my use of google apps is very limited. If we have a backdoor installed through lzplay we will never know but if you have google, wattsapp, fakebook etc installed you can be sure you will be tracked, profiled in one way or the other. That is a fact.
Click to expand...
Click to collapse
So your suggestions... to get rid of Google in order not to be tracked?
the average consumer has no clue of what lzplay is doing. its the most dangerous app out there using the MDM technique (mentioned above).
today at the mall i saw a girl representative for a reseller company in my country for huawei products and she had it installed.
i warned her and told her she committed a mistake but ppl see their phones working fine and dont worry about it. you wont know if the app is sending or stealing your data...(Well, actually, you can install a firewall app and track which apps are sending data to what destination - thats one way that came to my mind)
The issue remains is: We dont know who created lzplay and made a website and made the app. thats the scary part.
Now, another perception of this could be the following:
MAYBE, just maybe the lzplay was released by huawei themselves and if so then we need not worry. i mean we run on their operating system. they would have no interest in stealing data. they can already do that ...
This is being optimistic and thinking this maybe a fact.
i, myself will not venture into this and wont attempt it. Almost all apps work fine except for one thing: Games that rely on Google play games will fail without having the GMS files installed.
I dont play games so its not a big deal for me.
besides, most games now-a-days give you the option of logging in with facebook or google play games. select facebook and you'll be fine.
cylent said:
the average consumer has no clue of what lzplay is doing. its the most dangerous app out there using the MDM technique (mentioned above).
today at the mall i saw a girl representative for a reseller company in my country for huawei products and she had it installed.
i warned her and told her she committed a mistake but ppl see their phones working fine and dont worry about it. you wont know if the app is sending or stealing your data...(Well, actually, you can install a firewall app and track which apps are sending data to what destination - thats one way that came to my mind)
The issue remains is: We dont know who created lzplay and made a website and made the app. thats the scary part.
Now, another perception of this could be the following:
MAYBE, just maybe the lzplay was released by huawei themselves and if so then we need not worry. i mean we run on their operating system. they would have no interest in stealing data. they can already do that ...
This is being optimistic and thinking this maybe a fact.
i, myself will not venture into this and wont attempt it. Almost all apps work fine except for one thing: Games that rely on Google play games will fail without having the GMS files installed.
I dont play games so its not a big deal for me.
besides, most games now-a-days give you the option of logging in with facebook or google play games. select facebook and you'll be fine.
Click to expand...
Click to collapse
If anybody who is without Google will share the experience, honesty thinking of making hard reset and stay without Google...
cylent said:
the average consumer has no clue of what lzplay is doing. its the most dangerous app out there using the MDM technique (mentioned above).
today at the mall i saw a girl representative for a reseller company in my country for huawei products and she had it installed.
i warned her and told her she committed a mistake but ppl see their phones working fine and dont worry about it. you wont know if the app is sending or stealing your data...(Well, actually, you can install a firewall app and track which apps are sending data to what destination - thats one way that came to my mind)
The issue remains is: We dont know who created lzplay and made a website and made the app. thats the scary part.
Now, another perception of this could be the following:
MAYBE, just maybe the lzplay was released by huawei themselves and if so then we need not worry. i mean we run on their operating system. they would have no interest in stealing data. they can already do that ...
This is being optimistic and thinking this maybe a fact.
i, myself will not venture into this and wont attempt it. Almost all apps work fine except for one thing: Games that rely on Google play games will fail without having the GMS files installed.
I dont play games so its not a big deal for me.
besides, most games now-a-days give you the option of logging in with facebook or google play games. select facebook and you'll be fine.
Click to expand...
Click to collapse
I understand your concerns and it is very valid. Over the last 4 months of usage, I have not notice any unauthorised data being sent. I had a filewall installed for removed it just a couple of weeks back.
But again, I can't be 100% sure.
Archibald1963 said:
If anybody who is without Google will share the experience, honesty thinking of making hard reset and stay without Google...
Click to expand...
Click to collapse
I just do a full reset of my phone with GMS trying only using HMS. So far it's easy with phone clone and Aurora store. The only thing I miss are the notifications from Google and Twitter, but everything else is working perfect.
If you guys have specific questions concerning the GSF ID, I'd be happy to answer them. I'm the author of the aforementioned blog post, as well as several tools that deal with Google Play Services (in case you don't have/want them on your phone).
onyxbits said:
If you guys have specific questions concerning the GSF ID, I'd be happy to answer them. I'm the author of the aforementioned blog post, as well as several tools that deal with Google Play Services (in case you don't have/want them on your phone).
Click to expand...
Click to collapse
Is there a way to change de GSF ID of the phone manually? For example give the GSF ID of a Samsung device that works with FCM to a Mate 30 Pro, so that the Mate 30 Pro won't have the notifications issue when GSM are installed.
Or go back to a GSF ID that works perfectly and by mistake the phone's memory has been wiped and now the GSF ID doesn't work to receive FCM notifications.
tistasis said:
Is there a way to change de GSF ID of the phone manually? For example give the GSF ID of a Samsung device that works with FCM to a Mate 30 Pro, so that the Mate 30 Pro won't have the notifications issue when GSM are installed.
Or go back to a GSF ID that works perfectly and by mistake the phone's memory has been wiped and now the GSF ID doesn't work to receive FCM notifications.
Click to expand...
Click to collapse
You are not suppose to change it manually. However, you can always request a new one by clearing the cache of the market app. The GSF ID is kept in that apps database, so if you wanted to change it manually, you'd have to install the android platform tools, use ADB to pull the file (root required), use sqlite3 to make the changes (the key is called "android_id", not GSF ID for legacy reasons), then push the file back to the device. Reboot afterwards.
onyxbits said:
You are not suppose to change it manually. However, you can always request a new one by clearing the cache of the market app. The GSF ID is kept in that apps database, so if you wanted to change it manually, you'd have to install the android platform tools, use ADB to pull the file (root required), use sqlite3 to make the changes (the key is called "android_id", not GSF ID for legacy reasons), then push the file back to the device. Reboot afterwards.
Click to expand...
Click to collapse
I used the Windows tools above to change the GSF ID of my un-rooted Samsung Galaxy A325G, and they worked fine... but does anyone know how the new GSFID was determined?
Is it random?
EDIT: I might be able to figure out how it's generated using "Dummy Droid".
[Tool] DummyDroid - GSF ID generator
Dummy Droid is a mainly a companion tool for the Raccoon APK Downloader . It allows you to create hardware profiles for arbitrary Android devices and upload them into your Google Play account, generating a new GSF ID in the process.
Mocks can either be generated by probing an existing device via ADB or be completely made up from scratch. You (may) need this tool if Google Play won't give you access to an app because of device incompatibilities, country or carrier restrictions. You (may) also need this tool if you are an app developer yourself and want to test compatibility filter settings without actually owning the target device.
Click to expand...
Click to collapse

Google Pay not working with Magisk, despite trying everything

I know this is not the only post in regards to the recent Google Pay and Wallet updates not working on rooted phones, and maybe I missed something, but I don't think I'm the only one who has seemingly tried everything, only for it to do the same thing. What I've tried:
Installing Displax's SafetyNet mod
Adding all Google Play components and Pay and Wallet to the Denylist
Editing the dg.db database, including manually and with the GPay-SQLite-Fix module
Changing the device's fingerprint to Android 10 (I have a Pixel 5, so I changed it to a 4 XL, which is the newest similar phone to mine to support Android 10) and Android 11.
Side note: This causes CTSProfileMatch to fail for me, so I see no point in changing it.
Installed DevOptsHide and Hide USB Debug Mode Xposed modules, as one suggested on the Github issue for kdrag0n's SafetyNet Fix.
That was all I could find regarding this issue. It's worth noting that once I edited the dg.db file, it would say that it meets the safety requirements until I try to add a card, at which point I can't, and the safety requirements are no longer met. If somebody can find or share something I don't know or haven't seen, I would greatly appreciate it. It really sucks how hard Google is clamping down rooted devices; it seems like they really don't like it. Anyway, have a good one, and stay safe!
Today all app developers as Google and/or OEMs without any difficulty are able to detect whether their device's OS got tampered or not: you can't prevent this.
xXx yYy said:
Today all app developers as Google and/or OEMs without any difficulty are able to detect whether their device's OS got tampered or not: you can't prevent this.
Click to expand...
Click to collapse
So are you saying that I'm SOL for now until the community comes up with a fix? It seems like what worked a month ago is already obsolete.
Bump

Question google wallet error

Device doesn't meet security requirements
Is your device rooted or do you have adb enabled? If the device is rooted you need to do some things to hide it. If your device is not rooted, maybe check to make sure adb is disabled.
Like the comment above says, if you're rooted with Magisk, install this and it should start working fine after wiping the app.
Releases · Displax/safetynet-fix
Google SafetyNet attestation workarounds for Magisk - Displax/safetynet-fix
github.com
Adding on to this just because it's about Google Wallet...
What's the point of Google Wallet when there's Google Pay? The Pixel 7 setup kinda tried to make you download Wallet instead of Pay. Isn't Wallet just a piece of Pay that they took out?
Curiousn00b said:
Like the comment above says, if you're rooted with Magisk, install this and it should start working fine after wiping the app.
Releases · Displax/safetynet-fix
Google SafetyNet attestation workarounds for Magisk - Displax/safetynet-fix
github.com
Adding on to this just because it's about Google Wallet...
What's the point of Google Wallet when there's Google Pay? The Pixel 7 setup kinda tried to make you download Wallet instead of Pay. Isn't Wallet just a piece of Pay that they took out?
Click to expand...
Click to collapse
Wallet is the successor to Pay. They just haven't removed the old app
synesthete said:
Is your device rooted or do you have adb enabled? If the device is rooted you need to do some things to hide it. If your device is not rooted, maybe check to make sure adb is disabled.
Click to expand...
Click to collapse
I am currently rooted I am able to pass safety net I also have hide google wallet in magisk
highgrade said:
Device doesn't meet security requirements
Click to expand...
Click to collapse
Is this when you're trying to pay with Wallet or just setting up the app?
If it's while trying to pay, it might be because you unlocked your phone via face unlock before paying. You might have to unlock with the fingerprint scanner to make sure it works.
Might not be your issue here and I hate to say it but man, the fact that this is an issue at all makes me mad, for any regular user such an error would make absolutely no sense, and you would never understand it unless someone tells you.
highgrade said:
I am currently rooted I am able to pass safety net I also have hide google wallet in magisk
Click to expand...
Click to collapse
I am rooted and wallet is working. Here is how I have set mine up:
Magisk installed:
Zygisk enabled
Enforce Denylist enabled
Denylist blocking: Wallet, Pay, Google Play Services, and some other banking apps.
Install the Safetynet Fix module from this post: https://forum.xda-developers.com/t/magisk-module-universal-safetynet-fix-2-3-1.4217823/post-87198517
Then install the MagiskHidePropsConfig module. (No need to configure it).
Force quit Wallet and wipe its data.
For quite and wiped data for Google Play Services.
Reboot
Then added card.
Those were the only modules that I needed. Maybe disable anything else you don't need while doing this in case they conflict.
JakeDHS07 said:
Wallet is the successor to Pay. They just haven't removed the old app
Click to expand...
Click to collapse
I think Pay has transitioned to being an app to send money to friends/family/etc like Venmo. I haven't used it since its split with Wallet, though.
Curiousn00b said:
What's the point of Google Wallet when there's Google Pay? The Pixel 7 setup kinda tried to make you download Wallet instead of Pay. Isn't Wallet just a piece of Pay that they took out?
Click to expand...
Click to collapse
JakeDHS07 said:
Wallet is the successor to Pay. They just haven't removed the old app
Click to expand...
Click to collapse
As I understand it, Wallet holds all your "cards" like loyalty cards, gift cards, and transportation passes (metro, train, bus) -- hence "wallet" -- while GPay handles the credit cards for transactions for in-store/shops.
I guess Wallet is the app while GPay might be classified as the process...
Also...
synesthete said:
I think Pay has transitioned to being an app to send money to friends/family/etc like Venmo. I haven't used it since its split with Wallet, though.
Click to expand...
Click to collapse
Yes I noticed that GPay is transitioning to be like Venmo. I haven't used GPay in a long time, but since setting it up on my P7P, it was pushing hard to set things up so I could "easily send/receive payments to my family & friends" (like Venmo, i imagine...)...
simplepinoi177 said:
As I understand it, Wallet holds all your "cards" like loyalty cards, gift cards, and transportation passes (metro, train, bus) -- hence "wallet" -- while GPay handles the credit cards for transactions for in-store/shops.
I guess Wallet is the app while GPay might be classified as the process...
Click to expand...
Click to collapse
Just an FYI, but Wallet is just a part of GPay. What @Curiousn00b had said earlier in this thread is correct. GPay can do everything that Google Wallet does - and more. So therefore, GPay can handle credit cards, debit cards, gift cards, loyalty cards, transit passes, tickets, etc.
The reason why Google has released the Google Wallet app - an app specifically for adding your payment cards, transit cards, loyalty cards, etc - is because a large swarm of people were complaining about GPay being too difficult to use (as the newer features were seemingly confusing to the less tech-knowledgeable folks - which is still around 75-80% of the global population). Google had announced this publicly on a blog post around 1-2 years ago.
highgrade said:
Device doesn't meet security requirements
Click to expand...
Click to collapse
Post #2 - Unlocking Bootloader / Rooting / Updating | SafetyNet | ADB/Fastboot & Windows USB Drivers:
SafetyNet
Hello,
I have a successfully rooted Pixel 7 and the November update.
Magisk modules:
AOSP Mods (Full version)
Call Recorder - SKVALEX
Systemless Hosts
Universal safety Net fix
Zygisk - LSPosed
DenyList contains enabled:
Google Wallet
Google Play Protect service
com.android.systemui.plugin.globalactions.wallet
Play Integrity API Checker
Everything was fine until now, but when I open Wallet today, I get the following information:
"Device doesn't meet security
requirements You can't tap to pay with this device. It may be rooted or running uncertified software. Contact your device manufacturer or visit Google Wallet Help for more info."
My cards were not removed, it seems that the wallet is functional, but this information worries me. This information is not displayed every time when the wallet application is turned on. Everything else works for me (banks, netflix...), I go through safetynet.
I have one more question.
I don't know exactly how these things work...
How about the safetynet? Could it happen that one day GooglePay and Bank apps will stop working for me without an OS update or some other magisk module installation??
If it works for me now, and I don't do an OS update, will it still work for me?
I ask because these applications are very important for my daily work and I can't afford to be surprised by a malfunction at an inopportune moment due to root.
Thank you very much!
efkosk said:
Hello,
I have a successfully rooted Pixel 7 and the November update.
Magisk modules:
AOSP Mods (Full version)
Call Recorder - SKVALEX
Systemless Hosts
Universal safety Net fix
Zygisk - LSPosed
DenyList contains enabled:
Google Wallet
Google Play Protect service
com.android.systemui.plugin.globalactions.wallet
Play Integrity API Checker
Everything was fine until now, but when I open Wallet today, I get the following information:
"Device doesn't meet security
requirements You can't tap to pay with this device. It may be rooted or running uncertified software. Contact your device manufacturer or visit Google Wallet Help for more info."
My cards were not removed, it seems that the wallet is functional, but this information worries me. This information is not displayed every time when the wallet application is turned on. Everything else works for me (banks, netflix...), I go through safetynet.
I have one more question.
I don't know exactly how these things work...
How about the safetynet? Could it happen that one day GooglePay and Bank apps will stop working for me without an OS update or some other magisk module installation??
If it works for me now, and I don't do an OS update, will it still work for me?
I ask because these applications are very important for my daily work and I can't afford to be surprised by a malfunction at an inopportune moment due to root.
Thank you very much!
Click to expand...
Click to collapse
I have Play Store, GPay, and Google Wallet on the DenyList and don't have this error.
And yes, Google can easily decide one day to bypass the DenyList or force hardware attestation at which point you would have to choose between your apps and root. It's been a whack a mole game for awhile now and that's just expected to become worse.
EtherealRemnant said:
I have Play Store, GPay, and Google Wallet on the DenyList and don't have this error.
And yes, Google can easily decide one day to bypass the DenyList or force hardware attestation at which point you would have to choose between your apps and root. It's been a whack a mole game for awhile now and that's just expected to become worse.
Click to expand...
Click to collapse
Thanks!
In the meantime, I cleaned the google play cache storage, added the cards again. I haven't received a bad notification yet
Do I understand correctly that at any time without any action on my part (update app, updateOS) my bank apps, gpay can stop working due to root?
efkosk said:
Thanks!
In the meantime, I cleaned the google play cache storage, added the cards again. I haven't received a bad notification yet
Do I understand correctly that at any time without any action on my part (update app, updateOS) my bank apps, gpay can stop working due to root?
Click to expand...
Click to collapse
If you turn off updates, it's extremely unlikely that it would change, but you're also taking added risk when it comes to exploits and I wouldn't recommend this path.
are we talking about an application or OS update?
If it can stop working for me after the next OS update (via pixelflasher, for example), then that is acceptable for me.
But if it can happen to me after an automatic update of the application via Google Play, it's a problem.
Sorry for possibly stupid questions, I'm trying to understand how it works.
Thank you very much for your help and giving of your time.
efkosk said:
are we talking about an application or OS update?
If it can stop working for me after the next OS update (via pixelflasher, for example), then that is acceptable for me.
But if it can happen to me after an automatic update of the application via Google Play, it's a problem.
Sorry for possibly stupid questions, I'm trying to understand how it works.
Thank you very much for your help and giving of your time.
Click to expand...
Click to collapse
Either can happen. There are ways to detect root that get past our attempts to hide it as it is so an app update can add further detection easily. Just ask my Security Service Federal Credit Union app that won't even open on a rooted phone no matter what I do.
Can I "quickly unroot" it by uninstalling magisk? Does it wipe my data? I want rooted, but I need planB in a crisis situation.
Thx for your reply!
Users with root are not afraid of the situation that they ask for a bill in a restaurant and Gpay won't work for them?
efkosk said:
Can I "quickly unroot" it by uninstalling magisk? Does it wipe my data? I want rooted, but I need planB in a crisis situation.
Thx for your reply!
Users with root are not afraid of the situation that they ask for a bill in a restaurant and Gpay won't work for them?
Click to expand...
Click to collapse
Unfortunately removing root just exposes the unlocked bootloader and GPay won't work with that condition either. It's why I rooted in the first place so I could pass SafetyNet again as Discover is 5% with mobile wallet this quarter.
I carry credit cards with me everywhere I go. It's only recently I've started using tap to pay as it wasn't really available in the Denver area. Even now I can only thing of a couple places that take it - namely the liquor store I go to with my husband lol. Interestingly I went to Dollar Tree yesterday and they have added it.
So if I want to unroot, I will lose data, because after re-locking the bootloader, the data is wiped. I'm right?
efkosk said:
So if I want to unroot, I will lose data, because after re-locking the bootloader, the data is wiped. I'm right?
Click to expand...
Click to collapse
Correct. Honestly I wouldn't say you're at immediate risk of having an issue and that dumping root and all that just for a remote possibility isn't worth it.
You can also turn off automatic app updates for the individual apps in the Play Store. As long as you leave automatic updates on for the rest of your apps, the ones you disable individually will just be sitting there showing updates and you can choose to update them when you're ready.

Categories

Resources