Jump to content

Play Integrity API

Edit links
From Wikipedia, the free encyclopedia

Play Integrity API (formerly known as SafetyNet)[1] consists of several application programming interfaces (APIs) offered by the Google Play Services to support security sensitive applications and enforce DRM. Currently, these APIs include device integrity verification, app verification, recaptcha and web address verification. It uses an environment called DroidGuard to perform the attestation.[2]

Attestation

[edit]

The SafetyNet Attestation API,[3] one of the APIs under the SafetyNet umbrella, provides verification that the integrity of the device is not compromised.[4][5][6] In practice, non-official ROMs such as LineageOS fail the hardware attestation and thus restrict the user from using a non-compliant ROM while being able to use third-party apps (mainly banking) that require the API. Due to this, some consider this a monopolistic practice deterring the entrance of competing mobile operating systems in the market.[7]

It requires a network connection to Google servers and validates the hardware signatures. Amongst the checks, the API looks for bootloader unlock status, ROM signatures, kernel strings, it also uses AVB2.0 and dm-verity attestations. Upon successful checks, Google Play will mark the device as Certified. The attestation runs in an environment called DroidGuard (com.google.android.gms.unstable).[2]

The SafetyNet Attestation API (one of the four APIs under the SafetyNet umbrella) has been deprecated.[8] As of 6 October 2023, Google planned to replace it with the Play Integrity API by the end of January 2025.[8][9] The replacement ended on 20 May 2025, all applications which weren't updated broke.[10] These attestations are offered by Google Play Services and thus are not available on free Android environments, like AOSP. Therefore, developers can require the API to be available and may refuse to execute on AOSP builds.

Criticism

[edit]

Multiple groups have criticised SafetyNet and the Play Integrity API.[11] Criticisms include that it offers weaker protection compared to alternatives such as Android's hardware attestation API, which provides a stronger form of verification while having the ability to remain compatible with more secure Android operating systems like GrapheneOS.[12][13]

Critics have also argued that the Play Integrity API undermines competition by effectively requiring developers to rely on Google's proprietary services, strengthening its monopoly over the Android ecosystem and disadvantaging alternative, privacy-focused operating systems.[14]

Users have also developed tools, such as the Play Integrity Fix module for Magisk/KernelSU/APatch, which tricks the attestation using leaked fingerprints of vulnerable devices.[15][16] Some developers made petitions on sites like Change.org.[17]

Furthermore, some have questioned the effectiveness of the attestation, claiming it does not deliver the level of security promised by Google and instead serves more as a form of vendor lock-in than a meaningful security measure. Activists have also raised concerns that it may violate antitrust and competition laws, like the Digital Markets Act.

See also

[edit]

References

[edit]
  1. ^ "SafetyNet Overview". Android Developers.
  2. ^ a b "DroidGuard: A Deep Dive into SafetyNet". Romain Thomas. 2022-05-12. Retrieved 2025-07-08.
  3. ^ "SafetyNet Attestation API". Android Developers.
  4. ^ Hoffman, Chris (4 February 2016). "SafetyNet Explained: Why Android Pay and Other Apps Don't Work on Rooted Devices". How-To Geek. Retrieved 2021-09-11.
  5. ^ "Google's dreaded SafetyNet hardware check has been spotted in the wild". Android Police. 2020-06-29. Retrieved 2021-09-11.
  6. ^ Ibrahim, Muhammad; Imran, Abdullah; Bianchi, Antonio (2021-06-24). "SafetyNOT". Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services. Virtual Event Wisconsin: ACM. pp. 150–162. doi:10.1145/3458864.3466627. ISBN 978-1-4503-8443-8.
  7. ^ Schwab, Andreas; Echeverria, Pablo Arias (24 March 2022). "Time to restore fairness and contestability in digital markets". www.euractiv.com.
  8. ^ a b "SafetyNet Deprecation Timeline". Android Developers. Retrieved 2023-10-06.
  9. ^ "Migrating from the SafetyNet Attestation API | Google Play". Android Developers.
  10. ^ "Google deprecates old SafetyNet API in favor of Play Integrity API". Linus Tech Tips. 2025-05-21. Retrieved 2025-07-08.
  11. ^ "Please remove the requirement for that CRAP of Google Play Integrity · Issue #287 · eu-digital-identity-wallet/eudi-app-android-wallet-ui". GitHub. Retrieved 2025-07-07.
  12. ^ "Attestation compatibility guide | Articles | GrapheneOS". grapheneos.org. Retrieved 2025-07-07.
  13. ^ "use the standard Android hardware attestation API to verify the device, OS and app instead enforcing licensing Google Mobile Services · Issue #390 · eu-digital-identity-wallet/eudi-app-android-wallet-ui". GitHub. Retrieved 2025-07-07.
  14. ^ Stallman, Richard. "Can You Trust Your Computer?". GNU Project. Retrieved 2025-07-07.
  15. ^ Renshaw, Chris (2025-07-07), osm0sis/PlayIntegrityFork, retrieved 2025-07-07
  16. ^ @GrapheneOS (2025-05-23). "Hardware-based attestation can be secure, but the way the Play Integrity API uses it is also highly insecure. It can be bypassed via leaked keys from the most insecure Android devices in the ecosystem. Secure way to use it is pinning, not trusting everything chaining to a root" (Tweet). Retrieved 2025-07-07 – via Twitter.
  17. ^ TastyDepartureFrom (2024-11-21). "Stop Google from limiting access to Custom ROMS via Play Integrity". r/degoogle. Retrieved 2025-07-07.
[edit]
Retrieved from "https://en.wikipedia.org/w/index.php?title=Play_Integrity_API&oldid=1299403477"