Hello Forum People,
I have my bootloader unlocked, build MHA-L29C432B198, TWRP recovery and I use Magisk v14.5 however I cannot seem to pass SafetyNet with Magisk failing on ctsProfile and basicIntegrity and "SafetyNet Test" (from the Play Store) passing Safety Net Request but failing Response Signature Validation ("Response Payload Validation Failed").
I have a suspicion that this is due to the unlocked bootloader as I have removed Magisk and anything else I think might have tripped SafetyNet but always the same issue.
Can anyone confirm if this is the cause or otherwise and if having my bootloader unlocked is 'causing SafetyNet to fail then is it safe to relock after re-installing Magisk and returning recovery back to stock or is there some kind of work around?
Muchos appreciated in advance!!
It works fine with unlocked bootloader. Check in Playstore - hamburger menu - scroll down - Settings - scroll down - Device certification: can be certified or uncertified.
It's usually uncertified if your firmware is not approved yet by Huawei. And that would make safetynet fail.
What modules are you using? Xposed will also make safetynet fail.
You could try installing the propfix for magisk, found here: https://mega.nz/#!IOAgibSQ!uix7Gku_MY0ETP-zTae03awF_uH_Jgatr1SDEEvw77A
And did you happen to have SuperSU installed prior to Magisk?
ante0 said:
It works fine with unlocked bootloader. Check in Playstore - hamburger menu - scroll down - Settings - scroll down - Device certification: can be certified or uncertified.
It's usually uncertified if your firmware is not approved yet by Huawei. And that would make safetynet fail.
What modules are you using? Xposed will also make safetynet fail.
You could try installing the propfix for magisk, found here: https://mega.nz/#!IOAgibSQ!uix7Gku_MY0ETP-zTae03awF_uH_Jgatr1SDEEvw77A
And did you happen to have SuperSU installed prior to Magisk?
Click to expand...
Click to collapse
I have tried the propfix and that was unsuccessful in my case. Looks like it's because the firmware is uncertified which is confusing since I updated OTA by official means; update manager gave me a notification, I updated.
Is this a likely scenario that it could be uncertified even though they issued the update?
beejkitsune said:
I have tried the propfix and that was unsuccessful in my case. Looks like it's because the firmware is uncertified which is confusing since I updated OTA by official means; update manager gave me a notification, I updated.
Is this a likely scenario that it could be uncertified even though they issued the update?
Click to expand...
Click to collapse
So according to HiSuite I have an official ROM, I have performed a full factory reset and I am still getting uncertified status through Play Store. I cannot understand this as previously everything was working fine, I could use my banking app etc. and then one day everything stopped working and the only thing I can trace it to is this uncertified status.
Can anyone help me at all because short of going to extremes of using FH to rebrand etc I am all out of ideas and not being able to pass SafetyNet is really annoying; I can no longer use my banking app or Android Pay.
beejkitsune said:
So according to HiSuite I have an official ROM, I have performed a full factory reset and I am still getting uncertified status through Play Store. I cannot understand this as previously everything was working fine, I could use my banking app etc. and then one day everything stopped working and the only thing I can trace it to is this uncertified status.
Can anyone help me at all because short of going to extremes of using FH to rebrand etc I am all out of ideas and not being able to pass SafetyNet is really annoying; I can no longer use my banking app or Android Pay.
Click to expand...
Click to collapse
This is infuriating. I cannot seem to fathom why my device would suddenly be unverified.
I have considered locking my bootloader again but with attempts to do that I am given re-locked status. Suggestions, anyone, please?
Sent from my Mate 9 using XDA Labs
beejkitsune said:
This is infuriating. I cannot seem to fathom why my device would suddenly be unverified.
I have considered locking my bootloader again but with attempts to do that I am given re-locked status. Suggestions, anyone, please?
Sent from my Mate 9 using XDA Labs
Click to expand...
Click to collapse
I know my comment comes a little late, but just so you know,
I'm not certified (according to Google play store), and yet I pass SafetyNet. So your problem doesn't seem to be related.
I'm on B197 and Safety Net 14.3, and B197 was also officially pushed to my phone by Huawei.
Surfinette said:
I know my comment comes a little late, but just so you know,
I'm not certified (according to Google play store), and yet I pass SafetyNet. So your problem doesn't seem to be related.
I'm on B197 and Safety Net 14.3, and B197 was also officially pushed to my phone by Huawei.
Click to expand...
Click to collapse
Thanks for the reply. My solution ended up being to. Rebrand and then update to the Oreo release MHA-L29C432 8.0.0.361. Play Store now certified and passing SafetyNet with no issues. I'm still not 100% sure what tripped SafetyNet originally, nothing seems to be consistent with other people's experiences but I have now a resolution albeit not the desired approach, nor solution.
I have a (non-essential) app that I can not make to work on my new phone with the following error message:
Integrity check failed
Modifications on your phone have been detected. The app can not be used due to security reasons.
Details: The device is checked for signs of root access, respectively if the bootloader is unlocked. For these checks only local elements are used, no data is submitted to external services.
Click to expand...
Click to collapse
This is on a POCO X3 NFC with unlocked bootloader, custom ROM (ArrowOS 11) with microG (instead of Google Play Services) and stable Magisk (v22.0) with MagiskHide applied to that app. I have also already tried to freeze Magisk with AirFrozen, which is a trick that works on a problematic banking app, but that did not change anything.
The strange thing is, that the same app (and same app version) does not show that error on a OnePlus 6 with unlocked bootloader, custom ROM (LineageOS 16 for microG) and Magisk with MagiskHide applied to that app.
I have no idea what the difference may be any and how this is possible.
Any ideas?
https://github.com/kdrag0n/safetynet-fix check and download from release section if you want
etahamad said:
https://github.com/kdrag0n/safetynet-fix check and download from release section if you want
Click to expand...
Click to collapse
If you are replying to me, it's definitely not a SafetyNet issue, because my devices haven't passed SafetyNet since it stopped working with microG about a year (?) ago.
Hi All, I've got the latest build of Android 11 (december) and Magisk v23 installed, and I fail all the attestation safetynet checks including basicintegrity. Has anyone gotten this to work? I do have root which is working just fine. My problem is I can't use one of my banking apps. Ironically it was working on an older version of Magisk, but hasn't since I updated.
I have the Verizon LG Velvet. It works fine but here is the issue.
Android 10 software version-G900VM10e-Google Pay works fine. SafetyNet check gives the phone a good pass on all:
SafetyNet Request-PASS
Response Signature-PASS
Validation-PASS
Basic Integrity-PASS
CTS Prifile Match-PASS
However, when the phone reaches Android 11 G900VM20F via updates, CTS Profile Match comes back with a FAIL. And Google Pay no longer works. I get the following message when trying to set up my cards in Google Pay:
{Couldn't finish setup to pay in stores-This phone can't be used to pay in stores.This may be because it is rooted or altered in some other way.}
This phone was never rooted and I only get this message when the phone reaches the 20f firmware update. I had to downgrade the phone back to Android 10 G900VM10e in order to continue using Google Pay. But the phone will update back up again to 11.
Does anyone know what may be the issue and how it can be fixed? Thanks
NVM....updates corrected it this time around
I can confirm that Google Pay does not work on Velvet 5G, Android 12, Software Version: G900VM30f.
Same CTS failure. Phone was never rooted.
What is the working version of the firmware that you are using?
abuchison said:
I can confirm that Google Pay does not work on Velvet 5G, Android 12, Software Version: G900VM30f.
Same CTS failure. Phone was never rooted.
What is the working version of the firmware that you are using?
Click to expand...
Click to collapse
It was a dead issue. The same issue returned shortly after I thought it cleared. I ended up getting a refund from the seller.
Google Pay does not work.
-The phone fails Play Store certification.
-The phone fails CTS check
The phone is 100% stock and never rooted.
Software Version: G900VM30f (The latest available)
Anyone else ran into this issue? What was the last firmware version that worked with GPay?
No Velvet 5g owner uses GPay?