This website uses cookies to ensure you get the best experience on our website. OK
3 min read 56 Shares 1 Comment

Trapped in Google’s safety net: what modders need to know

The next generation of smartphone users will have it tougher if they want to modify their devices. SafetyNet makes apps unusable on devices that are rooted and otherwise modified. We tested some mod methods and were able to successfully run some known SafetyNet apps such as Pokémon GO or Snapchat. That said, supposed masking apps were no help at all.

I could have written this article much better!
What do you think?
50
50
7462 participants

Pokémon GO and Snapchat are perhaps the most well-known apps that use Google’s dreaded SafetyNet. SafetyNet is a server-side protection mechanism and a Google service for app developers. SafetyNet can verify whether system files were tampered with. It's actually used to detect if the firmware has been modified. Not only does it affect modified firmware, it also hits rooted smartphones.

With SafetyNet, apps can check this and other characteristics on a smartphone. If the firmware or system has certain changes, the app will not run. The most common reason for not running is root access. John Kozyrakis, security adviser for app developers, explains many additional exclusion criteria in an exquisite deep dive into SafetyNet on his blog.

Our SafetyNet experiment

Of course, we have tried to circumvent SafetyNet’s clutches. The forum and many internet articles discuss the successes of unroot, root switcher, Magisk or Microg, although it’s not as easy as it seems. Once rooted, your smartphone is permanently disqualified for Pokémon GO. None of the aforementioned solutions help either, at least not permanently.

SafetyNet Helper Sample Install on Google Play
safetynet pokemon go snapchat blocked
For anyone caught in SafetyNet it's not that easy to get out. / © ANDROIDPIT

It’s a cat-and-mouse game between Google’s SafetyNet and the XDA community’s Magisk, since Google is constantly giving app developers new criteria that they can use to check devices. The makers behind tools like Magisk must first guess them so that a device can be legitimately recognized again and Snapchat can run. Magisk already has an integrated quick test, and Google’s blog shows how simply verification is. You yourself can quickly perform the test with this app:

safetynet pokemon go snapchat open
Only a root-free custom ROM will free you from SafetyNet. / © ANDROIDPIT

A masking attempt with Magisk didn’t work for us. Even fully unrooting our Lineage setup using the unroot tool from Lineage extras didn’t help: once SafetyNet gets you, it gets you forever. Even when testing with a Samsung Galaxy rooted with CF Autoroot, it was very difficult to break free from SafetyNet. Once lightly modified, one more reset can also help: it requires a full reflash of the original firmware including a NAND erase. Before unrooting, you should also make a backup of everything that can be saved and restored afterwards without root.

You’ll have an easier time without root

For now, modding is still allowed by SafetyNet. Alternative firmware like Lineage with Google apps that are installed afterwards are given the green light by critical apps such as Snapchat or Pokémon GO - even the SafetyNet helper app for the quick test produces a green result.

Opinion by Eric Herrmann
I'll avoid root in the future so I can continue using my favorite apps
What do you think?
50
50
68 participants

Those apps are less accommodating if your Android installation has been rooted even once in its history. Even if SuperUser access has been properly removed, it will be detected by SafetyNet using unknown traces. The only solution would be to replace the contents of the system partition, which practically means a mandatory reset of all settings and deleting all data.

Let’s hope that SafetyNet’s functionality restrictions continue to be limited to root. However, should third-party firmware one day attract the attention of SafetyNet, the openness of the Android ecosystem and users’ right to freely make decisions about their devices will be unpleasantly restricted.

Have you had trouble with SafetyNet? What steps have you taken against this security measure by Google? Let me know in the comments below!

56 Shares

1 Comment

Write new comment:
  • Reg Joo 2 months ago Link to comment

    "Let’s hope that SafetyNet’s functionality restrictions continue to be limited to root. However, should third-party firmware one day attract the attention of SafetyNet, the openness of the Android ecosystem and users’ right to freely make decisions about their devices will be unpleasantly restricted" When that day comes, will be the day I break camp, and pay for the headaches of apple. My ipad air already runs rings around my honor 5x , it loads webpages , and games, so much faster that it's not even funny! Nonetheless, I'd rather stay with android, but taking it's appeal away(you can make your phone, your phone), is tantamount to a full fledged retreat.

This website uses cookies to ensure you get the best experience on our website. More info

Got it!