Today in our article we show you How to pass the device integrity test and play strong on Android.

Google makes available the Play Integrity API, an API that serves to perform checks on code and hardware to ensure users are safe from damaging threats. Such checks through the Play Integrity API do not work on phones that have their bootloaders unlocked or rooted.

Play Integrity Check on an Android Device

Well, Play Integrity does just that: it checks if there is any hardware modification or root access on the device and provides verification that the source of app binaries is legitimate. It's then entirely up to the app designer what happens next when Google lets them take advantage of the Play Integrity API in finding security vulnerabilities in their apps.

Applications dealing with sensitive information, such as banking and government applications, block phones on which all tests of integrity don't pass. The following are some likely reasons why the Play Integrity tests may fail on your device:

The bootloader of this device is unlocked.

This device has been rooted.

An OEM-specific customized firmware image is active on this device.

A patch or module conflict may occur introduced by a fix.

This device is running an unsigned ROM.

The Google services may not be excluded from the DenyList configuration of Magisk.

Failed Play Integrity Checks: How to Evade?

Of course, this would require the device to spoof or otherwise bypass the above restrictions in such a way that it could get past the requirements of Play Integrity. You may take the right path or have workaround modules in place that let you get past Play Integrity enough to pop the green checkmark, which would allow apps with strict device state detection to work on your device.

Re-lock the bootloader back and restore the device to its stock recovery mode.

Since the said device status check is from Play Integrity, the easiest and most official way to get it back is by flashing the stock ROM of the manufacturer and resetting the bootloader to a locked state. This is actually the easiest way to avoid the auto-update of certain modules on a regular interval by Magisk.

Unlocking Bootloader Status of Xiaomi Phone

If your banking service values security, then it would make perfect sense to go the extra mile to prevent circumventions. Your financial services might detect a patched Play Integrity module and block your access to their services-for instance, online banking-or even lock you out of your account.

This module maintains the state of the root and bootloader while Playing Integrity Fix.

Warning: The procedures in this tutorial will involve modifying your device's OS and security settings. You risk data loss, system problems and security holes, not to mention that this may void your device's warranty. This may even cause problems in some applications or services, which may lead to account bans or suspensions. Proceed with caution. Only an instructional objective should be applied to this guide. As long as you follow these directions, if anything is going wrong then we don't pay a dime.

Mainly, the implementation of Play Integrity Fix is necessary for most users rooting their devices using Magisk. The approach used in this module impersonates the apps to confirm the legitimacy of the device to outsmart the restrictions imposed by Play Integrity. However, you need to make sure a few things are in control before proceeding further.

Pre-Requisites

Make sure your phone has the latest version of Google Play Services running.

You can always check directly from the Play Store if there is an upgrade to Google Play services available.

Or you can open the Play Store and tap on your profile picture top right then "Settings," followed by "About," then select "Update Play Store."

Make sure that your device has a signed custom ROM.

You can verify your ROM's signature by installing the outside program RomSignCheck. If so, it would pop up a notice of either "ROM sign normal" or "ROM sign is testkey."

Magisk has been updated recently, alternatively you can use Kitsune Mask, a fork of the original Magisk Manager that has the old MagiskHide functionality restored back in.

While Zygisk is included out of the box for Magisk users, KernelSU users will need to flash the module Zygisk Next.

Setup your device by installing MT Manager. Keybox files for Play Integrity tokens are installed this way.

Setup the System



Otherwise, this section will install Magisk as a proxy app, and some apps will be hidden from the detection of a rooted state. After some attempts to fix malfunctioning TEE and hiding of Zygisk with Shamiko and flashing Play Integrity Fix module, it will run.

1) Create a Hidden Magisk App


The aim is to be able to hide the Magisk app. Various services, after doing a scan of the user's phone, check the installed apps for something called Magisk and immediately flag the device as having been tampered with. Fortunately, it is possible to bypass Magisk and install an arbitrary proxy program with a package ID of your choice.


Open Magisk and tap the gear icon on the top right.


From the menu that pops up select "Hide the Magisk app."


 


Rename the file to a random name and click "OK."


 


Magisk is now masquerading as a completely different application with an unrecognized package ID.


 

2) Configure the DenyList


Apps selected for the DenyList are a suite of services that can utilize bypassing root detection. That would mean that modules such as MagiskHide and Shamiko would deny knowledge regarding your device's status about rooting using this list.


Open Magisk and find the gear icon at the top right.


Scroll down and find "Configure DenyList" and click the button.


Tap the three vertical dots at the top right to expose the system apps, and tap "Show system apps."


Locate Google Play Services in the list of apps, tap on its dialog, and toggle the switches in front of "com.google.android.gms" and "com.google.android.gms.unstable" to the ON position.


Scroll back to the list, locate Google Play Store, and toggle the switch in front of "com.android.vending" to ON position.


Once created, make sure to go to settings in your phone and force stop, then wipe data from Google Play Store and Play Services, too.

3) Spoof Bootloader Status (In Case TEE Is Broken)


It is also important to spoof the bootloader status since Play Integrity will check up on it as regards device integrity.


Check Your Trusted Execution Environment If It's Broken.


For this, download Momo and check your TEE status.


In case the TEE is broken on your device, then you have to flash the LSPosed module.


To enable the BootloaderSpoofer module, go to the Xposed settings section.


Choose the apps for which you want to hide the root status from here.

4. module is Flash Play Integrity Fix and Zygisk Hide.


Flashing the Shamiko module-or, if you're running KernelSU, the Zygisk Assistant-will hide the residual traces of root from your device.


Navigate to chiteroman's repository and install the module titled Play Integrity Fix.


Head over to aviraxp's repository and download the TrickyStore module.


Flash both of these modules using Magisk flash.

5) Push an Operational Keybox File with MT Manager


Someday, the keybox files will be patched, so it is crucial to refresh them from time to time. To spoof the integrity tokens, these are the keys you will be using. You can find these tokens on XDA, Reddit, and Telegram amongst other online forums.


Open MT Manager and clone your keychain file.


Paste the file in the folder at /data/adb/tricky_store/.


Long-click the keybox file to bring up its properties.


Immediately adjacent to the "Owner," you will find root. Click on Change.


To choose "root - 0," click on the Group icon.


In the properties menu, click Modify, located in front of Permissions.


Below, click "Other." Under Write, you will see "Group" checked-off. Uncheck this.


Click "OK." Note that the applications use private keys to sign integrity tokens they return from the Play Integrity API. Tokens can be generated using bespoke, functional keyboxes which hoodwink the app into thinking it's operating on an unrooted, unmodified environment.


After you finish setting up on your device, restart it. Now you can check how your device will be holding up with the Play Integrity API Checker app.



Other Articles
How to Wirelessly Transfer Files from Android to PC
I will recommend you How to transfer files wirelessly from Android to PC
How to Fix WiFi Authentication Error Occurred on Android
Today we show you step by step How to solve the WiFi authentication error that occurred on Android.
How to Fix Android Not Receiving Texts
To learn how to fix the problem of an Android not receiving text messages, here is a complete guide.
All Blessings and Curses in Roblox Fisch
I will teach you all the blessings and curses in Roblox Fisch
How To Complete the ‘Spend Some Quality Time With Neighbors’ Star Path Task in Disney Dreamlight Valley
Today I will tell you How to complete the Star Path task “Have a good time with your neighbors” in Disney Dreamlight Valley
How to Fix the msteams_autostarter.exe Error in Microsoft Teams
To learn how to fix the msteams_autostarter.exe error in Microsoft Teams, here is a guide that will help you.
How To Be a Man in Dress To Impress
Today I will tell you How to be a man dressed to impress
How to pre-register Destiny Rising Closed Alpha
In this documentary I will tell you How to pre-register for the Destiny Rising closed alpha
How to Force or Manually Install Windows 11 24H2 Update
If you don't know how to force or manually install the Windows 11 24H2 update, here is a guide that will help you.
How to get Bitter/Sweet Grenade Launcher in Destiny 2
I will teach you in this guide How to get the sweet/bitter grenade launcher in Destiny 2
How to Uninstall Unexpected RAV Antivirus Installation
I will guide you How to uninstall an unexpected installation of RAV antivirus