Play Integrity Attestation Bypass (SafetyNet Replacement)

Tip

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks

What Play Integrity Does

Play Integrity is Google’s SafetyNet successor for app attestation. The app calls the API, Google Play Services gathers software/hardware signals, sends them encrypted to googleapis.com, and Google returns a JWT that is signed and encrypted by Google. The app forwards the token to its backend, which validates the signature with Google’s public key, decrypts the payload, and enforces policy based on the verdict fields:

  • appIntegrity: APK build/signature match (no repack/tamper).
  • deviceIntegrity: genuine & certified device, locked bootloader, no root/system tamper.
  • accountDetails: installation via Google Play.

Key verdict flags commonly enforced:

  • MEETS_BASIC_INTEGRITY: token generated by genuine Play Services (not emulator/tampered transport).
  • MEETS_DEVICE_INTEGRITY: genuine/certified device, bootloader locked, no root/system tamper.
  • MEETS_STRONG_INTEGRITY: requires DEVICE plus recent security patches on all partitions (OS + vendor).

Bypass Model

Instead of forging Google’s JWT, spoof the signals Google evaluates so they correspond to a different, legitimate device profile. The attack chain:

  1. Hide root so local checks and Play Services probes don’t see Magisk/su.
  2. Replace the key attestation certificate chain (keybox.xml) with one from a genuine device so Play Integrity sees a certified/locked device.
  3. Spoof the security patch level to satisfy MEETS_STRONG_INTEGRITY.

Google mitigates by revoking abused keyboxes; rotation is required when a keybox is blocked.

Prerequisites & Tooling

Achieve MEETS_BASIC_INTEGRITY + MEETS_DEVICE_INTEGRITY

  1. Install modules & reboot: Flash TrickyStore and Tricky Addon in Magisk, reboot.
  2. Configure TrickyStore (via KSU Web UI): Select TrickyStore → Select All → Deselect Unnecessary → Save.
  3. Inject a valid keybox: In Keybox, choose Valid to download/apply a new keybox.xml (vendor attestation credentials). This file underpins hardware key attestation and is now spoofed from a certified/locked device.
  4. Verify: Run Play Integrity API Checker; MEETS_BASIC_INTEGRITY and MEETS_DEVICE_INTEGRITY should pass. In Key Attestation the bootloader appears locked because the attestation chain has been replaced.

Achieve MEETS_STRONG_INTEGRITY (Patch-Level Spoof)

STRONG fails on outdated patch levels. TrickyStore can spoof a modern security patch date for all partitions:

  1. In TrickyStore, pick Set Security Patch → Get Security Patch Date → Save.
  2. Re-run Play Integrity API Checker; MEETS_STRONG_INTEGRITY should now pass.

Operational Notes

  • Revocation risk: Hitting the API repeatedly with the same keybox.xml can flag and block it. If blocked, replace with a fresh valid keybox.
  • Arms race: Publicly shared keyboxes burn fast; keep private copies and track community module updates (XDA/Telegram/GitHub) for new working chains.
  • Scope: This bypass only spoofs attestation inputs; backend signature verification by Google still succeeds because the JWT itself is genuine.
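As an added defender-side example (not code from the original page), this is the backend policy step described in the first section applied to an already-decrypted, signature-verified verdict payload: since the JWT is genuine even when the attestation inputs are spoofed, what the backend can still enforce is request binding (package, nonce, freshness) and the minimum verdict level it requires. The field names follow the Play Integrity verdict JSON; the sample payload, package name, certificate digest and freshness window are constructed assumptions.

```python
MAX_TOKEN_AGE_MS = 5 * 60 * 1000  # freshness window; a policy choice (assumption)


def evaluate_verdict(payload: dict, expected_package: str, expected_digests: set,
                     expected_nonce: str, now_ms: int,
                     required_level: str = "MEETS_DEVICE_INTEGRITY") -> tuple:
    """Apply policy to a Play Integrity verdict payload that has already been
    decrypted and signature-verified. Returns (allowed, list_of_failed_checks)."""
    reasons = []
    req = payload.get("requestDetails", {})
    app = payload.get("appIntegrity", {})
    dev = payload.get("deviceIntegrity", {})
    acct = payload.get("accountDetails", {})
    # Bind the token to this app and this request: a genuine token replayed
    # from another app, device or an old session must not be accepted.
    if req.get("requestPackageName") != expected_package:
        reasons.append("package mismatch")
    if req.get("nonce") != expected_nonce:
        reasons.append("nonce mismatch")
    age = now_ms - int(req.get("timestampMillis", "0"))
    if age < 0 or age > MAX_TOKEN_AGE_MS:
        reasons.append("token stale")
    # appIntegrity: Play-recognized build signed with one of our certificates.
    if app.get("appRecognitionVerdict") != "PLAY_RECOGNIZED":
        reasons.append("app not Play-recognized")
    if not set(app.get("certificateSha256Digest", [])) & expected_digests:
        reasons.append("signing cert mismatch")
    # deviceIntegrity is a list of levels; require at least the configured one.
    if required_level not in set(dev.get("deviceRecognitionVerdict", [])):
        reasons.append("device verdict lacks " + required_level)
    # accountDetails: installed and licensed through Google Play.
    if acct.get("appLicensingVerdict") != "LICENSED":
        reasons.append("app not licensed via Play")
    return (not reasons, reasons)


# Constructed sample verdict (not a real token), in the Play Integrity JSON shape.
SAMPLE = {
    "requestDetails": {"requestPackageName": "com.example.app", "nonce": "nonce-1",
                       "timestampMillis": "1700000000000"},
    "appIntegrity": {"appRecognitionVerdict": "PLAY_RECOGNIZED", "packageName": "com.example.app",
                     "certificateSha256Digest": ["DIGEST-PLACEHOLDER"], "versionCode": "42"},
    "deviceIntegrity": {"deviceRecognitionVerdict": ["MEETS_BASIC_INTEGRITY", "MEETS_DEVICE_INTEGRITY"]},
    "accountDetails": {"appLicensingVerdict": "LICENSED"},
}
```

A device that only reaches MEETS_BASIC_INTEGRITY, or a token replayed with a foreign nonce or outside the freshness window, is rejected with the failed checks listed, which is also the signal worth logging per account to spot keybox-rotation behaviour.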
