Whereas, when modifying the Android operating sys, whether by rooting the mobile or other files, the Safety Net system will report an amendment to the file and folder permissions and immediately classify the sys as a custom system.
How to fix SafetyNet in easy steps
After SafetyNet detects that there is an Andro mod, it will send data to the appl and tell them the Mobil is secure, so that non-rooted appl like Android Pay or Snapchat cannot be opened in the mobile.
I think everyone knows what Safety Net is and now we’re coming to ways to solve the Attestation failed (basic integrity-cts Profile).
The root can be hidden with Magisk, but not bootloader status
MagiskHide was used to build an isolated environment to hide root and bootloader status and thus transfer SafetyNet before this update.
However, once the latest hardware attestation has been implemented on a computer, this would no longer be feasible. As a result, Magisk Hide won’t be able to fake the checked boot status any longer.
However, if an app just scans for Root or other userspace changes, Magisk would be able to mask them in the same way it did before. However, if it tests the bootloader status, there’s nothing it can do right away.
Verify the SafetyNet’s hardware-backed attestation is turned on
This new attestation approach is implemented by Google by a server-side upgrade, rather than a software update to the smartphones. Furthermore, not all Android devices are subject to hardware attention at this time. The move is being phased out gradually and at random, regardless of smartphone type, area, Android edition, or other variables.
Open the Magisk Manager software and click the ‘Check SafetyNet’ button to see if hardware attestation is activated on your Android device.
The latest evalType sector should have one of the following values in the results:
1. BASIC: If the assessment is based on standard signals and reference results,
2. HARDWARE: For SafetyNet evaluation, if hardware-backed key attestation is used.
A new parameter, evaluation type, has been introduced to represent core attestation in SafetyNet responses. It essentially “provides details about the kinds of metrics used to compute fields like CTS profile match and basic integrity for a specific response,” according to Google.
That’s exactly how Magisk Manager determines whether or not hardware-based attestation is activated. So, if the findings indicate HARDWARE, it means that enforces hardware-backed attestation for SafetyNet.
Notice that this new attestation approach is only applicable to Android 8.0 and higher smartphones. Since legacy devices lack a stable isolated environment, they are unable to use the modern attestation process. If you’re using one of these devices, you’ll be able to pass SafetyNet without issue.
Guide: How to fix SafetyNet (CTS)
First, download all the file