I have followed the instructions here to update my OnePlus6 from OOS 09.09 to OOS 10. It all worked fine and I lost no data, although it has a few quirks. Minor bugs that I expect will get fixed in a coming release. The problem is that my phone no longer passes the SafetyNet tests, and so I can no longer use my phone for Google Pay. Is anyone else having that problem?
To be very clear, when on the 9.09 release with TWRP and Magisk my phone passed the SafetyNet tests and GooglePay work just fine. Now, both the Basic Integrity and CTS Profile Match tests fail.
I am on oneplus 6 android 10 openbeta 1
With unlock bootloader and encrypted.
Magisk installed.
This mod work on my phone
Yes. Passed both CTS and BasicIntegrity
Yep, here too. Everything passes, and i can pay with Google Pay.
ButtonBoy said:
I have followed the instructions here to update my OnePlus6 from OOS 09.09 to OOS 10. It all worked fine and I lost no data, although it has a few quirks. Minor bugs that I expect will get fixed in a coming release. The problem is that my phone no longer passes the SafetyNet tests, and so I can no longer use my phone for Google Pay. Is anyone else having that problem?
To be very clear, when on the 9.09 release with TWRP and Magisk my phone passed the SafetyNet tests and GooglePay work just fine. Now, both the Basic Integrity and CTS Profile Match tests fail.
Click to expand...
Click to collapse
Are you using edxposed? Google made some updates and is detecting edxposed, disable it and see if safety net passes.
ptmaniac said:
Are you using edxposed? Google made some updates and is detecting edxposed, disable it and see if safety net passes.
Click to expand...
Click to collapse
No. I did have AdAway & FDroid installed, though. I removed both of those, and still no joy.
ptmaniac said:
Are you using edxposed? Google made some updates and is detecting edxposed, disable it and see if safety net passes.
Click to expand...
Click to collapse
Turn on 'App List' in experimental settings and add all Google apps to the blacklist. Especially Play Services, Play Store and Framework as they are the culprits that detect EdXposed. Leave out any other Google apps that you have Xposed mods for such as Gmail and Play Store Dark Themes.
Title. Im coming from the one plus 7, and am wondering if I'm still going to be able to pass safety net if I root my new phone.
It passes!
I had to use the magisk hide props config module, but I got my op9 the day it was released. Probably not needed with a newer version of magisk.
mx597turbo said:
I had to use the magisk hide props config module, but I got my op9 the day it was released. Probably not needed with a newer version of magisk.
Click to expand...
Click to collapse
I flashed boot img to obtain root. Even with Magiskhide I still failed Safety check. You are saying you passed ?
inspron said:
I flashed boot img to obtain root. Even with Magiskhide I still failed Safety check. You are saying you passed ?
Click to expand...
Click to collapse
I am rooted with Magisk and have MagiskHide enabled, and pass SafetyNet. I can use Google Pay with no issues.
Make sure you have Google Play Services ticked in MagiskHide settings (it should be ticked by default, but I don't know why else you would fail SafetyNet).
I too cannot seem to pass safetynet even after ensuring that G Play services is checked and installing props config. Any help would be appreciated.
xkelx said:
I too cannot seem to pass safetynet even after ensuring that G Play services is checked and installing props config. Any help would be appreciated.
Click to expand...
Click to collapse
Make sure that you click on everything you can find related to Google and check them off. You'll need to tap on the individual app/service and checkmark everything that isn't already checked, as Magisk doesn't seem to want to check everything off even when you tap the checkmark. There's a dropdown for each app/service if you tap on the name of it.
I've been working on my son's OP9 (haven't gotten mine yet). I couldn't pass SafetyNet until I used the canary version of Magisk. Download the canary version of the manager TJW's Github page then install and update. Clear data on Google Play and you should be good.
I'm passing with that and EdXposed.
So the latest 31.0810.1226.77-1.1.138-2203 update has introduced Android 12..and killed Safetynet bypass. The kdragon Safetynet fix 2.2.1 no longer works and the device doesn't pass basic attestation either. Is there a workaround that doesn't involve unrooting it or are we ****ed for the time being? Goddamn Magisk had to deprecate their Magiskhide and safetynet bypass features. /rant
Just re-flash magisk should be enough. Else re-flash safetynet-fix-v2.2.1.zip after magisk.
course if you havent got TWRP installed you would have to re-flash the boot.img to get magisk working again.
I usually do that after every firmware update, reflashing the patched boot.img, and I already had the latest kdrag0n safetynet fix (2.2.1 as of now). This time after restarting on android 12, safety net failed and the Google pay app reported that my device is no longer certified. Guess I'll try again. Wait..is there finally now a TWRP for ROG 5? I miss using it from my old 1+3.
Edit - didn't work.
There is no TWRP for A12.
You will have to make a new patched boot image for A12. Go to Magisk and patch boot.img taken from Payload.bin (Payload dunper required) and flash it. That will get you root back.
Then you can use the universal safety net fix zip inside magisk.
BakaValen said:
Then you can use the universal safety net fix zip inside magisk.
Click to expand...
Click to collapse
Getting root on 12 is not the problem. The kdrag0n safetynet fix stopped working after upgrading to 12. I have the latest Zygisk version 2.2.1 that was updated last December.
I am on A12 latest. Rooted with safetynet passed using the fix. You must be doing something wrong.
Explain your process
Did the same process I've followed for every system update - patch boot.img with the payload dumper and patch script as described in this forum before applying the update, and flash it afterwards. The safetynet fix that had already been installed and working under 11 stopped, and removing and reapplying it does nothing.
Flash version 2.2.1.
I'm telling you. There is a process not being done correctly.
I'm on the latest A12 for the 5s with safetynet pass.
Send screenshots of install process (magisk black screen bit)
BakaValen said:
Flash version 2.2.1.
I'm telling you. There is a process not being done correctly.
I'm on the latest A12 for the 5s with safetynet pass.
Send screenshots of install process (magisk black screen bit)
Click to expand...
Click to collapse
Yes, I'm using 2.2.1. The flashing process appears to have worked, as shown -
It's the latest Magisk with zygisk enabled. FWIW here's the result of running safetynet test also.
KaiserSnorezay said:
Yes, I'm using 2.2.1. The flashing process appears to have worked, as shown -
It's the latest Magisk with zygisk enabled. FWIW here's the result of running safetynet test also.
Click to expand...
Click to collapse
Are you running Shamiko withLSPosed/Xprivacy + blocking tracking for Goog Play Services and the relevant apps? Safetynetfix 2.2.1 alone is no longer a full solution whether you're on A11 or A12 and regardless of your Magisk version...
If you mean adding play services to the deny list, then yes. Got rid of xprivacylua as it didn't help. Used it to block reading identifiers and tracking for play services and other components, to no avail. Right now even the basic integrity test is failing.
Update - Installed Shamiko, disabled the 'enforce denylist' in Magisk so that it takes over the job and rebooted..and nothing different.
Passed here just fine... all you need is a clean magisk install, then...
hide the magisk app itself.
enable zygisk, reboot.
flash zygisk version of usf https://github.com/kdrag0n/safetynet-fix/releases/tag/v2.2.1
optionally: flash shamiko, reboot, then select play store and play service in deny list without enabling it.
check again in YASNAC, should pass now.
Don't know WTF is wrong this time, compared to every previous time it would just simply upgrade with no problems.
Installed this month's system update.
Uninstalled Magisk.
Patched the boot.img with Magisk, flashed it.
Reinstalled the Magisk apk. It was rooted, all my settings and modules showed up as usual.
Toggled zygisk to off, just to be sure, restarted, turned it back on, restarted.
NOTHING. Again the ****ing Safetynet fails.
KaiserSnorezay said:
Don't know WTF is wrong this time, compared to every previous time it would just simply upgrade with no problems.
Installed this month's system update.
Uninstalled Magisk.
Patched the boot.img with Magisk, flashed it.
Reinstalled the Magisk apk. It was rooted, all my settings and modules showed up as usual.
Toggled zygisk to off, just to be sure, restarted, turned it back on, restarted.
NOTHING. Again the ****ing Safetynet fails.
Click to expand...
Click to collapse
Google changed something today, as Google Pay now detects root when I had used it just yesterday without issue. It appears the safetynet fix needs fixing.
Strephon Alkhalikoi said:
Google changed something today, as Google Pay now detects root when I had used it just yesterday without issue. It appears the safetynet fix needs fixing.
Click to expand...
Click to collapse
Re-check that all GPay sub components are added to your Shamiko deny list and Shamiko configured properly (i.e with Magisk's own deny disabled). Also check and ensure that tracking is blocked for Gpay in Xprivacy.
If you don't have any one of those installed - you need it to be completely covered. Even if you pass Saftynet. Safetynet Fix and Magisk hide alone won't cut it, at least not currently. Tough apps like banking and payment apps will detect you.
Many people skip one or more of these and run into frustration with root detection..
I noticed that if I add Google play services (all components) to the Magisk deny list, it doesn't persist after reboot. Could that be it? Is it unable to modify the system partition? I'm using Shamiko, with Magisk enforce deny list option disabled.
Andrologic said:
Re-check that all GPay sub components are added to your Shamiko deny list and Shamiko configured properly (i.e with Magisk's own deny disabled). Also check and ensure that tracking is blocked for Gpay in Xprivacy.
If you don't have any one of those installed - you need it to be completely covered. Even if you pass Saftynet. Safetynet Fix and Magisk hide alone won't cut it, at least not currently. Tough apps like banking and payment apps will detect you.
Many people skip one or more of these and run into frustration with root detection..
Click to expand...
Click to collapse
It may be a glitch, as GPay is currently not complaining about root when I pull up one of my stored cards. Regardless, I don't have Shamiko installed, but will look into it so long as it doesn't require Xposed or any of its derivatives.
EDIT: Confirmed to be a glitch. Not more than five minutes prior to this edit I used GPay without trouble.
Did some more testing, given I had to install the latest June firmware anyway. Fully removed Magisk (I hadn't done this earlier) and reinstalled, it passes. The culprit for failure turned out to be LSPosed. When enabled, it fails SafetyNet. I can manage without it but if anyone knows a workaround please do tell.
KaiserSnorezay said:
Did some more testing, given I had to install the latest June firmware anyway. Fully removed Magisk (I hadn't done this earlier) and reinstalled, it passes. The culprit for failure turned out to be LSPosed. When enabled, it fails SafetyNet. I can manage without it but if anyone knows a workaround please do tell.
Click to expand...
Click to collapse
Same boat here. I got safetynet fix passed literally right after I disabled LSPosed. I glimpsed through the issues in LSPosed Github repo but they don't seem to be working on this.
I dont have any issues with safetynet.
I have a rooted P7P and after latest update, I'm having problems to pay with Google Wallet.
Wallet says that my device is rooted and that's with it is insecure to use the app. No other apps complaining about the root.
Magisk 25.2 installed
Universal SafetyNet Fix 2.4.0 installed
On Magisk Configure DenyList:
Play Store
Play protect
Wallet
I didn't do any changes after the update and everything worked with no problem before. I used PixelFlasher to update and everything went fine. Funny thing is, sometimes if I reboot my phone, I can pay with it few times.
What am I missing?
miimaa said:
I have a rooted P7P and after latest update, I'm having problems to pay with Google Wallet.
Wallet says that my device is rooted and that's with it is insecure to use the app. No other apps complaining about the root.
Magisk 25.2 installed
Universal SafetyNet Fix 2.4.0 installed
On Magisk Configure DenyList:
Play Store
Play protect
Wallet
I didn't do any changes after the update and everything worked with no problem before. I used PixelFlasher to update and everything went fine. Funny thing is, sometimes if I reboot my phone, I can pay with it few times.
What am I missing?
Click to expand...
Click to collapse
Try using the USNF module by Displax (2.4.0 MOD 1.2). It has a separate thread.
Yeah Google pushed an update that broke the official SN 2.4. Use @Displax mod
Fishawy said:
Try using the USNF module by Displax (2.4.0 MOD 1.2). It has a separate thread.
Click to expand...
Click to collapse
Thank you!
I installed that and let's see how it works.
Btw, both USNF passed the YASNAC. So I don't know if that was the problem.
miimaa said:
Thank you!
I installed that and let's see how it works.
Btw, both USNF passed the YASNAC. So I don't know if that was the problem.
Click to expand...
Click to collapse
If payments still don't work after flashing the Displax mod, clear data & cache of Play Store, Play Services, and Wallet, then start fresh. Should be good to go by then.
Fishawy said:
If payments still don't work after flashing the Displax mod, clear data & cache of Play Store, Play Services, and Wallet, then start fresh. Should be good to go by then.
Click to expand...
Click to collapse
At least now the application does not indicate that it cannot be used. So I guess it works.
JakeDHS07 said:
Yeah Google pushed an update that broke the official SN 2.4. Use @Displax mod
Click to expand...
Click to collapse
Works like normal on Feb update for me with just USNF 2.4 from kdrag0n
Must be running an older GPS version. Don't worry it'll get ya
I can confirm that USNF module by Displax (2.4.0 MOD 1.2) works.