Can not use banking app because of root. - General Questions and Answers

When I try to open the pushTAN app of my bank, I get a security notice: blah blah ROOT something something.
My phone is the OnePlus Nord and I'm using the latest Magisk version with Zygisk and the SafetyNet Fix from kdrag0n enabled. If I check the SafetyNet Attestation with various apps, I pass both "Basic integrity" and "CTS profile match", but for some reason my banking app still doesn't work.
Any help is appreciated.

Banks aren't soft. I don't think you'll find a way around it and if you do it won't last for long. The banks have a responsibility to keep things secure so see it as a good thing that they're protecting YOU from fraud. Root is insecure and blocked by banking apps for a very good reason.
Sorry but that's just the truth of it.

Take note that only 1 line of program code is needed to detect whether Android got persistently rooted or not. And such a line of code can get implemented in every app.

@m0.ke What I'm finding surprising -- correct me if I'm wrong -- is that if you weren't rooted, the app would work despite the other factors, like being unlocked. In an unrooted state here (at least, but on LineageOS so unlocked, which is something else that some apps don't like), I don't get a security notice when running it (of course I can't actually try logging in).
So, the irony may be that Magisk created a problem that it's designed to get around just by virtue of the root.
I'm beginning to wonder at this point just what percentage of problem apps actually object to a phone being unlocked (and/or being on a 3rd-party ROM like LineageOS) compared to that AND being rooted. So far, and I'm trying all that I can think of, including several banking apps and Google Pay (update: I did later see the issue with this one: it happens when trying to enable contactless), I haven't found one that has given me a problem. I don't quite know why, but it's making me much less inclined to bother with Magisk, something that I was positive that I would need after going to LineageOS.

Have you also hidden: Magisk root, Zygisk module and the Magisk app itself by renaming?
Nowadays banking apps also validate for this.

Related

Axis Bank app not working after root

Hi devs,
Since I have rooted my device with Magisk, my Axis Bank app says "we don't support rooted phone" and it doesn't open. Is there a workaround for it?
Did you root with Magisk? If so, use Magisk Hide feature and check the Axis Bank app. It should start working again.
AFAIK, in Android each app is installed as a different user (from the Linux system point of view).
Each user (app) has and runs in its own space, and cannot access any other user's data.
Root is the user (app) which can access any user's data.
So any app having root access can access any other app's data, which can compromise the security mechanisms used by banking applications. So banking apps refuse to start on a rooted phone.
I would advise not to use banking apps on a rooted phone.
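
The per-app UID model described in the post above, as an added example that is not part of the original thread: it decodes Android UIDs and applies a simplified owner/other permission check to private app data directories. The package names, UIDs and directory modes are constructed, and group bits, capabilities and SELinux are left out.

```python
# Added illustration (not code from the thread): Android's per-app UID model.
# Constants follow AOSP's android_filesystem_config.h; sample data is constructed.
AID_ROOT = 0
AID_APP_START = 10000      # first UID given to an installed app
AID_APP_END = 19999        # last UID in the app range
AID_USER_OFFSET = 100000   # UID block reserved per Android user/profile


def decode_uid(uid):
    """Split a Linux UID into (android_user, app_id, display_name)."""
    user, app_id = divmod(uid, AID_USER_OFFSET)
    if uid == AID_ROOT:
        name = "root"
    elif AID_APP_START <= app_id <= AID_APP_END:
        name = f"u{user}_a{app_id - AID_APP_START}"   # as shown by `ps` / `ls -l`
    else:
        name = f"u{user}_system_{app_id}"             # simplified label
    return user, app_id, name


def can_enter(accessor_uid, owner_uid, mode):
    """Owner/other permission check on a directory (needs r and x).
    Simplification: group bits, capabilities and SELinux are not modelled."""
    if accessor_uid == AID_ROOT:
        return True                       # root is not bound by permission bits
    bits = 0o500 if accessor_uid == owner_uid else 0o005
    return (mode & bits) == bits


# Constructed sample: hypothetical packages, UIDs and private data directory modes.
DATA_DIRS = {
    "com.example.bank": (10151, 0o700),
    "com.example.game": (10152, 0o700),
}


def access_matrix(accessor_uids):
    """Map (accessor name, package) -> whether the accessor can open the data dir."""
    matrix = {}
    for uid in accessor_uids:
        who = decode_uid(uid)[2]
        for pkg, (owner, mode) in DATA_DIRS.items():
            matrix[(who, pkg)] = can_enter(uid, owner, mode)
    return matrix


if __name__ == "__main__":
    for (who, pkg), allowed in access_matrix([10151, 10152, AID_ROOT]).items():
        print(f"{who:8} -> {pkg:18} {'allowed' if allowed else 'denied'}")
```
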
If a banking app builds its security on this fact, then I wouldn't use it at all. Many banking apps run completely fine with enabled root, some are just more cautious (or paranoid). Just think about security on a Windows PC (admin account, unsecure browser, internet banking in flash ..) - you have no restriction from the bank, why should you accept it on a phone?
I don't have any experience with Windows 8 and 10, and do not know about any banking app for Windows 7.
If we are running something as Admin and are able to access an app's data (not common data folders like Program Files or login user data), we are screwed up. In that case most of the DRM-protected content also shall not work. I am not sure pre-installed DRM keys also work as usual after rooting your Android phone.
Again, every OS architecture is different and I am talking about Android, which uses the Linux kernel.
Root access is not something about tuning your OS or phone; it comes with much more responsibility.
Root access to one wrong app can screw up many things. Of course you know all this jargon since you are a senior member on this forum and I don't need to tell you this.
In Windows all apps can read other apps' data, under the current user. They don't need admin access for that. Yet nothing is compromised. I guess that Windows/Linux/Android banking apps use good cryptography and preventive measures, so even if someone gets access to the data, be it settings or network packets, you are safe. I am absolutely confident in using banking apps with root, however not so much with apps requesting accessibility permissions or Xposed modules. Those two can IMHO potentially do much more harm.
Long story short, use your brain, don't install everything you find on the Internet, don't allow all permissions without thinking and don't use shady public Wifi hotspots.

Get Mcdonald's app to work with root

So I decided to install Magisk again and managed to pass SafetyNet and all that so I can now use Gpay. Then I figured since Gpay works now surely the McDonald's app would also work, right? I mean, how much security does an app that literally does not handle any money need?
Anyway, since it seems to work randomly on some devices and not on others, I'm just curious if any of you have managed to get it to work on an unlocked Mix 2s.
Tried hiding magisk? And putting the app on the hide list in magisk?
Of course. Also tried a local payment app and every time I open it the first time it doesn't work due to root, but if I close it and open it again it works. So basically Gpay works now but my banking apps don't work lol

Magisk removing Magiskhide

Dear all,
I just read the news, or not-so-news for others, that Magisk will be removing MagiskHide due to Google, where the creator is working, forcing the big hand.
I have had Magisk over the years and my question is what this will affect: will it be, for example, apps with microtransactions like Pokemon Go, or are there other things that it will affect?
I only use root to have full control of my phone and manage everything; should I be concerned about anything?
Thanks to all and let's hope this app doesn't die in the future.

Root without unlocking bootloader?

Does this possibility exist? I'd like to be rooted, but with an intact bootloader in terms of Google SafetyNet, since I always use rooted but stock for my device software, I never bother with custom ROM. So I don't even *need* the unlocked bootloader that standard rooting methods automatically do.
I've noticed more apps detecting root via bootloader as I have the soft SafetyNet pass via Magisk working successfully at current. But certain apps, mainly games, some banking, but even down to a product barcode scanner, are saying my device is incompatible. But it's not referring to my OS version. The Play Store allows proper download, but on that first run it's no dice at the splash screen. One app or 2 I could make do with, but it's several now and likely just going to grow.
The only things I use root for are full removal of bloat system apps I won't use, and disabling certain processes of a couple apps I do use (but I've done that to none of these that aren't working, this is not user error here).
My other option, I would guess, is totally removing all capacity to check for SafetyNet at the system level, or spoofing a legit bootloader, which I'm assuming is impossible if it's not widely shared by now.
Any help is much appreciated!!
Rooting a device's Android DOES NOT REQUIRE that the device's bootloader gets unlocked.
Not worth pursuing at all, especially since you run on signed stock ROMs.
Apps have indeed become smarter in detecting rooted devices, but as of now you should still be able to pass SafetyNet and hide practically all apps with the latest SafetyNet Fix 2.1 patch (assuming you're rooted with Magisk) in conjunction with Riru, LSPosed and XPrivacyLua. Below is a well written guide on the actions required.
With the above in place + hiding/disabling tracking of your individual apps (required for the toughest apps to pass), you should be able to get around getting detected. And no, you won't lose any noticeable performance or battery hits by running this framework on your device.
Finally, some banking (and other) apps have started banning devices that are detected with root once; they use the same technique games use when banning you. They register the unique permanent Android ID (SSAID) assigned to the app. However, with root access you can bypass that too and unblock yourself - you can give the app a new random ID and clear all data offline and re-launch it (there are several root apps that can do this).
[2023 FIX] Fix Magisk CTS Profile False Error - Bypass Safetynet
Magisk CTS Profile False Error is now popping up on almost everyone's device since Google made some changes in March. To Bypass Safetynet...
droidholic.com

U.S. Bank app locking my account

Hi all,
Device is a rooted Google Pixel 5a with Android 11, Magisk 25.1 with zygisk (Modules: MagiskHide props config, Shamiko, systemless hosts, universal safetynet fix, and zygisk-LSPosed), and XprivacyLua.
Device is passing SafetyNet Basic Integrity and CTS profile match.
Can use other banking apps like Bank of America and PNC just fine. Just opened new account with U.S. Bank. U.S. Bank app opens and lets me log in, then wants to verify my phone number. It sends me the OTP and after I enter it I get a message that 'something has gone wrong' and I am logged out. When I try to log back in, I get a message that my username/account is disabled. I have to wait 48 hours and then ask U.S. Bank customer support to re-enable it.
I'm assuming this has something to do with rooted status of my device. Usually banking apps will open and crash quickly, or say something about detecting root. In the past I just add these apps to the DenyList in Magisk and all is well. Is there a way to troubleshoot what exactly is triggering the locking of my account?
Thanks
Maybe the Magisk Hide Option of the Magisk v25.1 is not fully effective for the U.S. Bank app.
Who knows. Either way US Bank has now closed my account so I won't be able to figure it out anyway. I was trying to send a Zelle payment to one of my vendors I've used before and it wasn't going through. When I inquired as to why, they informed me the vendor had been involved with fraud and they were closing my account too, for just attempting to send a payment. Bankers are such morons and their policies are fascist. Guilty by association is their mantra, ****ing snowflakes.
