We've covered the benefits of rooting your Android device before, in detail. However, there are some potential drawbacks that have deterred people from taking the plunge – one of them being SafetyNet.
The SafetyNet API is exactly what it says on the tin – a safety net, to protect your device from unauthorised tampering or malware. Let's say your phone got infected by some system-level malware that is sweeping your device, trying to get at your data; apps using the SafetyNet API, such as the majority of banking apps, PayPal, and notably Android Pay, would be prevented from functioning. The SafetyNet API detects any system-level tampering (so any modifications at all to the system partition); be it a custom ROM or a malware infestation. It's a good security measure, and the reason for its implementation is completely understandable; google cares about your security. However, it does hinder rooters and developers from using a rooted device as their daily driver.
Or so you think…
There is a way to bypass this tamper detection and safely use apps like Android Pay, PayPal, corporate security apps or banking applications on a rooted Android device. In fact, there are multiple ways. And we're going to walk you through them today.
Method 1: suhide
This isn't the first time we're covering suhide- we covered it yesterday when we found out that suhide had been open-sourced by its new owners, CCMT (who purchased it from its original developer, Chainfire). This open-sourcing means that we can expect to see more tweaks and ROMs with suhide embedded within them.
This method requires that you have the latest version of SuperSU flashed in SBIN mode, as well as TWRP v3.0.2 or later (FlashFire is not supported yet – however, support is expected to come in the future).
Boot your device into TWRP
Open the adb shell, and issue the following command:
Now, use TWRP to reflash SuperSU v2.82 SR2 or later to your device
Reboot into Android once, and then boot your device into TWRP once more.
Now, flash suhide and reboot. You're done! Navigate to the suhide GUI in your app drawer to configure it in whichever way you wish.
Additional note: If your TWRP does not fully decrypt /data, reflashing the SuperSU ZIP and immediately flashing the suhide ZIP without rebooting in between may sometimes allow suhide to be installed as well, in cases where it would otherwise throw an error.
Method 2: Magisk
This is the method we covered in our how-to-root guide. Magisk performs a systemless root natively, so there is little work at all to be done to bypass SafetyNet.
Open the Magisk Manager app.
Open the "Settings" menu from the navigation panel.
Toggle to enable "Enable BusyBox", "Magisk Hide" and "Systemless hosts"
Head back to the "Status" screen and tap the "SafetyNet check" button. You should receive a message that says "SafetyNet passed!".
Finally, head to the "Apps" section of your device's settings and click "Google Play Store". Click "Force Stop", head to the "Manage Space" section and hit "Clear Data". This is a precaution to ensure that the Play Store recognizes your device as a certified one, and allows you to download apps like Netflix which check for SafetyNet.
And there you have it! You can now safely use apps which check for tamper protection on your rooted device, while also not having to worry about security.
What do you guys think? Do you use a different method? Why would you want to bypass SafetyNet on your Android device? Let us know in the comments, or post over in the forums with your thoughts!