Apps&Games need PI (List)

Search This thread
By:
Advanced…
Vision

Vision

Recognized Contributor / Recognized Translator
May 10, 2015
3,841
1
4,447
Acarnania 🇬🇷
Xiaomi Poco X3 NFC
Apps&Games need PI (List).
Also what detect root, and what combination need.

All the credits for the images and apps and modules, go to the original devs.
(I only share and take no responsibility for the contents of the attachments).


Rules: Same as XDA

  • Please, if we can put large post into spoiler.​
  • Please, If we can add smaller image (or put large into spoiler) to take less space because huge images take forever to scroll down and extra pages are also created.

    NOTE: Don't post random images without saying anything or showing a problem.​


Related info and links below.👇
The images are clickable with the link.

Related Threads:


Read this excellent Guide Guide.png By @osm0sis



Related Apps & Program for check and help:

Play Integrity API Checker​

Key Attestation (Fork)
Native Root Detector

With Play Integrity API Checker, you can check the Integrity of your device.
NOTE: if you get an error message about a limit,
you need to use another app, this is because a lot of users are requesting an attestation.

With Key Attestation, you can see supports generating, saving, loading, parsing and verifying Android key and ID attestation data.
This fork is same as original with extra features.
Info
Native Root Detector.png
With this amazing detection app, which can detect if you have BL unlocked, all the root trace (Magisk, LSPosed etc.), Custom Rom and lots more.


All us know, if we unlock the BL of our device, then device integrity fails.

Here you can post Apps&Games, what PI do they need or generally what check have and what is the solution.

Some Apps&Games appear at first and can download, but when open (for apps until now) can't use it, if not pass DEVICE, because required to Pass 2/3.

Also some Apps&Games, like Netflix, not only need B&D to work, but need general at first to pass 2/3, to appear on Google Play.

Some Apps&Games need Strong Integrity.

NOTE: From what it seems some apps need a combination of BASIC and locked bootloader.

Note: All the tests, i have tried them on stock A11 with Kitsune Mask latest stable (module: PIFork v9).

Google Indicated Partners:
developer.android.com

Play Integrity API | Android Developers

With the ability to publish rapidly to over 2 billion active Android devices, Google Play helps you grow a global audience for your apps and games and earn revenue.
developer.android.com
What the Symbols means:
  • When you see 🔑 this mean, need BASIC.
  • When you see 📱this mean, need DEVICE.
  • When you see 💪 this mean, need STRONG.
  • When you see 👤 this mean it has been confirmed by me.
  • When you see 👥 this mean it has been confirmed by generals users.
  • When you see 🗣️ this mean only rumours by general users.
  • When you see 🔍 this mean need more search.
  • When you see🔒this mean need locked bootloader.
  • When you see 🔓this mean doesn't require a locked bootloader.
  • When you see ⚙️ this mean, check for Developer Options if is enabled.
  • When you see 🛠️ this mean, check for CUSTOM ROM.
  • When you see 🖥️ this mean, check for Emulators and can't start.
  • When you see 📝 this mean, have Applist Detection.​
  • When you see 'Info' just click it, and it will go to the message.


Apps:
Google Wallet

YouTube​

VPN by Google for PixelNetflixMcDonald'sGoogle Messages

Uber - Driver: Drive & Deliver​

Twitter

Need 📱
👥

Need 📱
👥
(Usable but history won't update with new videos)
Need 💪
👥

Need 📱
👤👥
(It doesn't appear on Google Play, if generally don't pass 2/3).

Need 📱
👤👥
(Can download,
but after can't use without pass).
Info


No PI Check.
👤👥
Partially, not work RCS.
Even with STRONG.
NOTE: RCS works even without BASIC Integrity, as long as it a unbanned print,
and isn't blocked for RCS use.
Info

Need ?
🗣️🔍
Info

dアカウント設定​

e-TítuloGCashBPI

France Identité​

VNeID​

LG ThinQ​

Zepp(formerly Amazfit)​


👥
According to info,
need to have DEVICE to set pass-key.

No PI Check.
Root Check.
Check 🛠️
👥
Info, Info, Info

No PI Check.
👥

Need 📱
👥

Need 🔑
Need 🔒
👥

Need ?
Root Check.
No mind if🔓
👥🗣️🔍
According to info, without STRONG get "Device not safe" at login.
Info

Need 📱
Root Check.
👥

Need 📱
👥
(You can use it,
without but shows a popup every time you open the app).
COSMOTE

WHAT'S UP​

Vodafone TV (GR)ERTFLIX

Apple Music​

Mynaportal​

TD Bank (US)​

Twilio Authy Authenticator​


Root Check.
👤

Root Check.
👤

Root Check.
👤

Root Check.
👤

No PI Check.
No mind if 🔓
Root Check.
👥
Info

Need 💪
👥
Info

Need 💪
👥
Info

Need 📱
👥
Info

Maya – savings, loans, cards​

PAYBACK - Karte und Coupons​

DSK Smart​

Navy Federal Credit Union

Turo — Car rental marketplace​

Marcus by Goldman Sachs®​

My WebID​

Zoom Workplace​


Root Check.
Need 🔒
Have 📝
👥
Info

No PI Check.
Root Check.
No mind if 🔓
Check 🛠️
👥
Info

No PI Check.
Need 🔒
👥
According to info, all apps by this company need the same.

No PI Check (At first).
Need 📱 + DenyList enforced for biometric login.
👥
Info

Need 📱
Info, Info
👥

Root Check.
Info
👥

Root Check.
Info
👥

Root Check.
Info
👥

Microsoft Intune​

MobileIron​

Intelligent Hub​

Brazil Brazilian Government (gov.br)​

MeinMagenta: Handy & Festnetz​

TK-App​

TK-Ident​

Revolut Bank​


Need 📱
👥
Info

All of the apps from this company.
Need 📱
👥

Need 📱
👥

Need 🔑
👥
Info
(It doesn't appear on Google Play, if generally don't pass 2/3).

Root Check.
Check 🛠️
👥
Info, Info, Info

Root Check.
👥
Info

Root Check.
👥
Info

Need 🔒
Root Check.
👥
Info

ZA Bank​


Root Check.
👥
Info
 
Last edited:
  • Like
Reactions: MarcoSXE, wugga3, mj084 and 7 others
Vision

Vision

Recognized Contributor / Recognized Translator
May 10, 2015
3,841
1
4,447
Acarnania 🇬🇷
Xiaomi Poco X3 NFC
Games:

Adventure Reborn​

Amigo Pancho​

Amigo Pancho 2​

Ingress Prime​

Pokémon GO​

ZENONIA® 5​

Rocket League Sideswipe​

Supercell​

Need 📱
👤
(It doesn't appear on Google Play, if generally don't pass 2/3).

Need 📱
👤
(It doesn't appear on Google Play, if generally don't pass 2/3).

Need 📱
👤
(It doesn't appear on Google Play, if generally don't pass 2/3).

Need 💪
👥

Google Play version 🔑
Samsung Store version 📱
👥
Info, Info

Root Check.
👤

Need 📱
👥

Need 📱
👥

Mario Kart Tour​

8 Ball Pool​

Wuthering Waves​

Roblox​


Need 📱
Root Check.
👥

No PI Check.
Root Check.
Have 📝
👥
Info

Need 📱
Check 🖥️
👥
Info

Root Check.
👥
Info
 
Last edited:
  • Like
Reactions: wugga3
FIERA03

FIERA03

Senior Member
Apr 23, 2022
109
113
Mone FIERA World@Minecraft BE
github.com
LG V30
Asus Zenfone 4 (2017)
・Twitter (com.twitter.android)
※The code regarding the Play Integrity tokens has been identified since around v10.40~, but does not appear to have been used yet.
Nevertheless, the TG Twifucker community thinks that this is due to a foolish plot by Elon to prevent modifications to the app and allow ads to be displayed and rebranded, rather than through DEVICE or STRONG.
 
  • Like
Reactions: Vision
Vision

Vision

Recognized Contributor / Recognized Translator
May 10, 2015
3,841
1
4,447
Acarnania 🇬🇷
Xiaomi Poco X3 NFC
FIERA03 said:
・Twitter (com.twitter.android)
※The code regarding the Play Integrity tokens has been identified since around v10.40~, but does not appear to have been used yet.
Nevertheless, the TG Twifucker community thinks that this is due to a foolish plot by Elon to prevent modifications to the app and allow ads to be displayed and rebranded, rather than through DEVICE or STRONG.
Click to expand...
Click to collapse
Interesting info.
Thank you. I appreciate.
 
  • Like
Reactions: FIERA03
fbirraque

fbirraque

Senior Member
Nov 20, 2007
1,013
855
Xiaomi Redmi Note 6 Pro
Sony Xperia X10 Plus
Last edited:
  • Like
Reactions: Vision and osm0sis
Vision

Vision

Recognized Contributor / Recognized Translator
May 10, 2015
3,841
1
4,447
Acarnania 🇬🇷
Xiaomi Poco X3 NFC
  • Like
Reactions: fbirraque and osm0sis
Vision

Vision

Recognized Contributor / Recognized Translator
May 10, 2015
3,841
1
4,447
Acarnania 🇬🇷
Xiaomi Poco X3 NFC
FIERA03 said:
I think Google Indicated Partners are worth reserching.
developer.android.com

Play Integrity API | Android Developers

With the ability to publish rapidly to over 2 billion active Android devices, Google Play helps you grow a global audience for your apps and games and earn revenue.
developer.android.com
View attachment 6129417
Click to expand...
Click to collapse
FIERA03 said:
(Excuse the consecutive posts)A friend told me that I need to have DEVICE to set pass-key with this app.
play.google.com

dアカウント設定 - Apps on Google Play

A d account setting app provided by Docomo. You can change various settings of d Account such as "Passkey Authentication".
play.google.com
Click to expand...
Click to collapse
Thanks for the info, very useful.
I appreciate 🙏
 
  • Love
Reactions: FIERA03
E

Eula13

Senior Member
Sep 16, 2023
50
1
38
  • Like
Reactions: Vision
Z

Zwajton

New member
Oct 17, 2011
2
2
For Niantic Inc. you don't need to pass STRONG for all games.
The only one i know you need it for is the Ingress Prime.

Pokemon Go and Monster Hunter Now only needs BASIC integrity to work.
 
  • Like
Reactions: Vision
Z

Zwajton

New member
Oct 17, 2011
2
2
Vision said:
Really?
That's Good to know, because I hear pokemon go need strong.
Click to expand...
Click to collapse
It has been talk about it from some people using spoofing methods on reddit.

But then some people are saying Ingress is owned 100% by Niantic and Pokemon Go isnt so they cant do something like that.

I play Pokemon Go daily on a three rooted phones and i can confirm only basic is needed :).
 
  • Like
Reactions: Vision
Vision

Vision

Recognized Contributor / Recognized Translator
May 10, 2015
3,841
1
4,447
Acarnania 🇬🇷
Xiaomi Poco X3 NFC
Zwajton said:
It has been talk about it from some people using spoofing methods on reddit.

But then some people are saying Ingress is owned 100% by Niantic and Pokemon Go isnt so they cant do something like that.

I play Pokemon Go daily on a three rooted phones and i can confirm only basic is needed :).
Click to expand...
Click to collapse
Thanks for the info, very useful.
I appreciate.
So only basic for now pass 1/3.
 
  • Like
Reactions: Zwajton
You must log in or register to reply here.

Similar threads

chiteroman
🔧 [MODULE] Play Integrity Fix
Replies
28K
Views
4M
ezdiy
ezdiy
Vision
  • Sticky
Tricky Store - Bootloader & Keybox Spoofing
Replies
8K
Views
1M
Vision
Vision
Setialpha
[MODULE/SYSTEM] NanoDroid 23.1.2.20210117 (microG, pseudo-debloat, F-Droid + apps)
Replies
9K
Views
1M
ale5000
ale5000
veez21
[MODULE][Terminal] App Systemizer v17.3.1
Replies
2K
Views
563K
D
dedycx
S
[MODULE] App Systemizer for Magisk v9-v14 -- DEPRECATED
Replies
895
Views
360K
V
Vasile_versace

Top Liked Posts

24 Hours 30 Days All time
  • 2
    Vagelis1608
    Vagelis1608
    Just had to add Clash of Clans to the deny list, so Supercell must have added some form of root check at least to that, probably their other games as well.
    View
  • 2
    Vagelis1608
    Vagelis1608
    Just had to add Clash of Clans to the deny list, so Supercell must have added some form of root check at least to that, probably their other games as well.
    View
  • 10
    Vision
    Vision
    Apps&Games need PI (List).
    Also what detect root, and what combination need.

    All the credits for the images and apps and modules, go to the original devs.
    (I only share and take no responsibility for the contents of the attachments).


    Rules: Same as XDA

    • Please, if we can put large post into spoiler.​
    • Please, If we can add smaller image (or put large into spoiler) to take less space because huge images take forever to scroll down and extra pages are also created.

      NOTE: Don't post random images without saying anything or showing a problem.​


    Related info and links below.👇
    The images are clickable with the link.

    Related Threads:


    Read this excellent Guide Guide.png By @osm0sis



    Related Apps & Program for check and help:

    Play Integrity API Checker​

    Key Attestation (Fork)
    Native Root Detector

    With Play Integrity API Checker, you can check the Integrity of your device.
    NOTE: if you get an error message about a limit,
    you need to use another app, this is because a lot of users are requesting an attestation    .

    With Key Attestation, you can see supports generating, saving, loading, parsing and verifying Android key and ID attestation data.
    This fork is same as original with extra features.
    Info
    Native Root Detector.png
    With this amazing detection app, which can detect if you have BL unlocked, all the root trace (Magisk, LSPosed etc.), Custom Rom and lots more.


    All us know, if we unlock the BL of our device, then device integrity fails.

    Here you can post Apps&Games, what PI do they need or generally what check have and what is the solution.

    Some Apps&Games appear at first and can download, but when open (for apps until now) can't use it, if not pass DEVICE, because required to Pass 2/3.

    Also some Apps&Games, like Netflix, not only need B&D to work, but need general at first to pass 2/3, to appear on Google Play.

    Some Apps&Games need Strong Integrity.

    NOTE: From what it seems some apps need a combination of BASIC and locked bootloader.

    Note: All the tests, i have tried them on stock A11 with Kitsune Mask latest stable (module: PIFork v9).

    Google Indicated Partners:

    Play Integrity API | Android Developers

    With the ability to publish rapidly to over 2...
    developer.android.com
    What the Symbols means:
    • When you see 🔑 this mean, need BASIC.
    • When you see 📱this mean, need DEVICE.
    • When you see 💪 this mean, need STRONG.
    • When you see 👤 this mean it has been confirmed by me.
    • When you see 👥 this mean it has been confirmed by generals users.
    • When you see 🗣️ this mean only rumours by general users.
    • When you see 🔍 this mean need more search.
    • When you see🔒this mean need locked bootloader.
    • When you see 🔓this mean doesn't require a locked bootloader.
    • When you see ⚙️ this mean, check for Developer Options if is enabled.
    • When you see 🛠️ this mean, check for CUSTOM ROM.
    • When you see 🖥️ this mean, check for Emulators and can't start.
    • When you see 📝 this mean, have Applist Detection.​
    • When you see 'Info' just click it, and it will go to the message.


    Apps:
    Google Wallet

    YouTube​

    		VPN by Google for PixelNetflixMcDonald'sGoogle Messages

    Uber - Driver: Drive & Deliver​

    		Twitter

    Need 📱
    👥

    Need 📱
    👥
    (Usable but history won't update with new videos)
    Need 💪
    👥

    Need 📱
    👤👥
    (It doesn't appear on Google Play, if generally don't pass 2/3).

    Need 📱
    👤👥
    (Can download,
    but after can't use without pass).
    Info


    No PI Check.
    👤👥
    Partially, not work RCS.
    Even with STRONG.
    NOTE: RCS works even without BASIC Integrity, as long as it a unbanned print,
    and isn't blocked for RCS use.
    Info

    Need ?
    🗣️🔍
    Info

    dアカウント設定​

    		e-TítuloGCashBPI

    France Identité​

    VNeID​

    LG ThinQ​

    Zepp(formerly Amazfit)​


    👥
    According to info,
    need to have DEVICE to set pass-key.

    No PI Check.
    Root Check.
    Check 🛠️
    👥
    Info, Info, Info

    No PI Check.
    👥

    Need 📱
    👥

    Need 🔑
    Need 🔒
    👥

    Need ?
    Root Check.
    No mind if🔓
    👥🗣️🔍
    According to info, without STRONG get "Device not safe" at login.
    Info

    Need 📱
    Root Check.
    👥

    Need 📱
    👥
    (You can use it,
    without but shows a popup every time you open the app).
    COSMOTE

    WHAT'S UP​

    		Vodafone TV (GR)ERTFLIX

    Apple Music​

    Mynaportal​

    TD Bank (US)​

    Twilio Authy Authenticator​


    Root Check.
    👤

    Root Check.
    👤

    Root Check.
    👤

    Root Check.
    👤

    No PI Check.
    No mind if 🔓
    Root Check.
    👥
    Info

    Need 💪
    👥
    Info

    Need 💪
    👥
    Info

    Need 📱
    👥
    Info

    Maya – savings, loans, cards​

    PAYBACK - Karte und Coupons​

    DSK Smart​

    		Navy Federal Credit Union

    Turo — Car rental marketplace​

    Marcus by Goldman Sachs®​

    My WebID​

    Zoom Workplace​


    Root Check.
    Need 🔒
    Have 📝
    👥
    Info

    No PI Check.
    Root Check.
    No mind if 🔓
    Check 🛠️
    👥
    Info

    No PI Check.
    Need 🔒
    👥
    According to info, all apps by this company need the same.

    No PI Check (At first).
    Need 📱 + DenyList enforced for biometric login.
    👥
    Info

    Need 📱
    Info, Info
    👥

    Root Check.
    Info
    👥

    Root Check.
    Info
    👥

    Root Check.
    Info
    👥

    Microsoft Intune​

    MobileIron​

    Intelligent Hub​

    Brazil Brazilian Government (gov.br)​

    MeinMagenta: Handy & Festnetz​

    TK-App​

    TK-Ident​

    Revolut Bank​


    Need 📱
    👥
    Info

    All of the apps from this company.
    Need 📱
    👥

    Need 📱
    👥

    Need 🔑
    👥
    Info
    (It doesn't appear on Google Play, if generally don't pass 2/3).

    Root Check.
    Check 🛠️
    👥
    Info, Info, Info

    Root Check.
    👥
    Info

    Root Check.
    👥
    Info

    Need 🔒
    Root Check.
    👥
    Info

    ZA Bank​


    Root Check.
    👥
    Info
    View
    6
    G
    geekboy38
    zgfg said:
    Can you try with Beta 2 and Canary Sep 21 prints as attached (in the old JSON format)

    They pass Strong A13+ with a valid KB and without spoofing Provide (you may need to adapt all= in TS security_patch.txt) but they don't pass <A13 (spoofVendingSdk enabled)

    They also don't pass A13+ when spoofVendingFinger is enabled

    So, they have expired (by Oct 20 and Nov 5, resp), and they are 'banned' for PlayStore (vending) but not 'generally'. Hence, to see are they 'banned' for RCS or not
    Click to expand...
    Click to collapse
    Hi

    I've done this now and got identical outcomes for both beta 2 and canary, so will just list one set of results. Again, same setup/methodology re RCS toggling and restarting. When I used a valid, unrevoked keybox I set the TS security_patch to match 2025-09-05 as per prints. Although I checked both <A13 & A13+ PI verdicts (with & without keybox) and also A13+ PI with spoofVendingFinger=1, all RCS messages were tested without using keybox and with spoofVendingSdk=spoofVendingFinger=0 (same as previously).

    Couple of points to note again: I have broken TEE and also I have my ROM set to latest stock fingerprint at boot and so don't normally use/need spoofVendingFinger. Also, I have never had any success with using that for "canary strong flaw/spoof" either and I think that's because of the broken TEE. Anyway, for both prints:

    Testing PI with fully valid keybox:
    <A13 BASIC, A13+ STRONG, but with spoofVendingFinger=1 then A13+ falls to BASIC.
    RCS worked!

    Testing PI with no keybox:
    <A13 BASIC, A13+ NULL (also with spoofVendingFinger=1)
    RCS worked!

    Testing PI with no keybox and typing nonsense in the middle of fingerprint:
    <A13 BASIC (I forget how to get NULL here!), A13+ NULL
    RCS failed.

    Conclusions/thoughts:

    As prints have expired, I'm not surprised they are limited to <A13 BASIC because DG handles this verdict and has blocked the spoofed print. Similarly, not surprised that verdicts are limited to A13+ BASIC if using spoofVendingFinger=1 because then Vending sees the spoofed print and seems they have blocked them in sync with <A13 verdicts. I'd be interested to know the PI verdicts for real Pixels running these older versions?

    However, I am rather surprised they are still valid for RCS because it suggests they still maintain a separate list for this and/or are simply slower at blocking prints than the PI team.

    Edit: So, once again it seems PI is irrelevant and only unbanned print matters for RCS. I guess I should caveat that I have always had <A13 BASIC throughout these tests and so I can't rule out that they aren't using some custom api that effectively needs legacy BASIC in the same way Wallet effectively needs legacy DEVICE. I doubt this though... but if someone can remind me how to fail legacy BASIC then I can test that haha.

    Edit 2 in this book: Ah! No matter what garbage I type in the fingerprint field I pass legacy BASIC. But if I change the manufacturer (Gooogle) and/or model (Pixel 99 Flake) fields I fail it. This did result in some difficulty getting RCS to connect (had to verify number a couple times), but once connected RCS messages still sent. So, integrity seems unimportant.
    View
    6
    simplepinoi177
    Vision said:
    Oops.

    It seems that can't add per message more than 50 images with the method: [ URL=Link][ IMG]Image[/IMG][/URL]
    View attachment 6253510

    I didn't know that.

    To any mods. who sees this and has time.

    So only solution is get second OP from below the first (Like Tricky Store thread) or is there other ?

    Best, Vision.
    Click to expand...
    Click to collapse
    @Vision, I can't say or speak to if the only solution is reserving 1 or more posts to an OP -- it'd be best to bring it up to any forum administrator in proper thread or PMs if you really wish -- but I went ahead and created a second post for your OP.
    In case you didn't know, and FYI for any other member, just as easily as posting in your thread, you can use the Report button to point out any forum maintenance or request as well. It just so happened that, as I engaged in this thread in the past, I am updated to it and just so happened to see your request....

    Hope this is satisfactory, simplepinoi177 FSM
    View
    5
    xcl1pse
    mkcs said:
    Could someone access the login page of "com.mtel.androidbea"? Latest stable version of Shamiko, Zygisk-Next, TS, HMA are installed via KSU. Even whitelist all except system apps in HMA could not prevent the popup browser warning. I have no idea of what is being detected.
    Click to expand...
    Click to collapse
    I can open it


    But since you asking in app/pi thread, i only answer related to pi (play integrity) (educational purpose only).

    For start, this app use promonshield as rasp/app protection. When this app launch:

    1. It initiates to binder ipc calls to the keystore service

    Code: 
    [9510|9977|binder:9510_4] futex(uaddr=0x7c05ab81c8(1772), op=129, val=1, timeout=0x0, uaddr2=0x0(0), val3=0)
[9510|9977|binder:9510_4] futex(uaddr=0x7c05ab81c8, op=129, val=1, timeout=0x0, uaddr2=0x0, val3=0, ret=1)

    2. After receive binder calls, keystore service access sqlite database in /data/misc/keystore

    Code: 
    [880|9646|binder:880_7] newfstatat(dirfd=-100, pathname=0xb400007ab42aff53(/data/misc/keystore/persistent.sqlite-journal), statbuf=0x7ab4d71450, flags=0x0) LR:0x7b376bee70 PC:0x7b3c35f85c SP:0x7ab4d71450
[880|9646|binder:880_7] newfstatat(dirfd=-100, pathname=0xb400007ab42aff81(/data/misc/keystore/persistent.sqlite-wal), statbuf=0x7ab4d71410, flags=0x0) LR:0x7b376bee70 PC:0x7b3c35f85c SP:0x7ab4d71410

    3. The app confirm with logcat

    Code: 
    880  3969 I keystore2: system/security/keystore2/src/security_level.rs:703 - In generate_key. 10315, Some("com.mtel.androidbea.PromonHardwareBoundIdRsaKey")
880  3969 I keystore2: system/security/keystore2/src/database.rs:2347 - In store_new_key "com.mtel.androidbea.PromonHardwareBoundIdRsaKey", uid=10315, cert=true, cert_chain=false rebound=false

    4. Oh, found no key? Is it a first time installed?

    5. Now it called binder again

    Code: 
    [9510|9977|binder:9510_4] futex(uaddr=0x7c05ab81c8(2172), op=129, val=1, timeout=0x0, uaddr2=0x0(0), val3=0) LR:0x7e1516920c PC:0x7e150fe1c4 SP:0x77aad6dab0
[9510|9977|binder:9510_4] futex(uaddr=0x7c05ab81c8, op=129, val=1, timeout=0x0, uaddr2=0x0, val3=0, ret=1)
[9510|9977|binder:9510_4] close(fd=309) LR:0x7e151064cc PC:0x7e1515535c SP:0x77aad6e650
[9510|9977|binder:9510_4] close(fd=309, ret=0)
[9510|9977|binder:9510_4] close(fd=305) LR:0x7e151064cc PC:0x7e1515535c SP:0x77aad6e650
[9510|9977|binder:9510_4] close(fd=305, ret=0)
[9510|9977|binder:9510_4] ioctl(fd=74, cmd=0xc0306201, arg=0x77aad6ea48) LR:0x7e1510c3bc PC:0x7e1515557c SP:0x77aad6e930
[9510|9977|binder:9510_4] ioctl(fd=74, cmd=0xc0306201, arg=0x77aad6ea48, ret=0x0)
[9510|9977|binder:9510_4] fcntl(fd=305, cmd=1030, arg=0) LR:0x7e15105da4 PC:0x7e151555dc SP:0x77aad6e110
[9510|9977|binder:9510_4] fcntl(fd=305, cmd=1030, arg=0, ret=348)
[9510|9977|binder:9510_4] fcntl(fd=307, cmd=1030, arg=0) LR:0x7e15105da4 PC:0x7e151555dc SP:0x77aad6e090
[9510|9977|binder:9510_4] fcntl(fd=307, cmd=1030, arg=0, ret=350)
[9510|9977|binder:9510_4] ppoll(fds=0x77aad6df70(fd=316, events=1, revents=0), nfds=1, tmo_p=0x77aad6df28(sec=0, nsec=0), sigmask=0x0[], sigsetsize=0) LR:0x7e1510eee0 PC:0x7e1515663c SP:0x77aad6df20
[9510|9977|binder:9510_4] ppoll(fds=0x77aad6df70, nfds=1, tmo_p=0x77aad6df28(sec=0, nsec=0), sigmask=0x0, sigsetsize=0, ret=1)
[9510|9977|binder:9510_4] ppoll(fds=0x77aad6df70(fd=350, events=1, revents=0), nfds=1, tmo_p=0x77aad6df28(sec=0, nsec=0), sigmask=0x0[], sigsetsize=0) LR:0x7e1510eee0 PC:0x7e1515663c SP:0x77aad6df20
[9510|9977|binder:9510_4] ppoll(fds=0x77aad6df70, nfds=1, tmo_p=0x77aad6df28(sec=0, nsec=0), sigmask=0x0, sigsetsize=0, ret=0)

    6. And tried generating key (x is censorship)

    Code: 
    [880|9646|binder:880_7] newfstatat(dirfd=-100, pathname=0xb400007ab42aff53(xxxxx), statbuf=0x7ab4d71140, flags=0x0) LR:0x7b376bee70 PC:0x7b3c35f85c SP:0x7ab4d71140
[880|9646|binder:880_7] newfstatat(dirfd=-100, pathname=0xb400007ab42aff81(xxxxx), statbuf=0x7ab4d71100, flags=0x0) LR:0x7b376bee70 PC:0x7b3c35f85c SP:0x7ab4d71100
[880|9646|binder:880_7] newfstatat(dirfd=-100, pathname=0xb400007ab42aff2c(xxxxx), statbuf=0x7ab4d70e60, flags=0x0) LR:0x7b376e6f94 PC:0x7b3c35f85c SP:0x7ab4d70e50
[880|19080|binder:880_7] newfstatat(dirfd=-100, pathname=0xb400007ab4233b53(xxxxx), statbuf=0x7ab54f2cb0, flags=0x0) LR:0x7b376bee70 PC:0x7b3c35f85c SP:0x7ab54f2cb0
[880|19080|binder:880_7] newfstatat(dirfd=-100, pathname=0xb400007ab4233b81(xxxxx), statbuf=0x7ab54f2c70, flags=0x0) LR:0x7b376bee70 PC:0x7b3c35f85c SP:0x7ab54f2c70 xxxxx xxxxx xxxxx xxxxx xxxxx
[880|19080|binder:880_7] pread64(fd=8, buf=0xb400007ab4ad2c00(xxxxx), count=4096, offset=0, ret=4096)
[880|9646|binder:880_7] pwrite64(fd=14, buf=0xb400007ab4b70c00(xxxxx), count=4096, offset=0) LR:0x7b376e5580 PC:0x7b3c35f2bc SP:0x7ab4d71090
[880|19080|binder:880_7] pread64(fd=8, buf=0xb400007ab4abd800(xxxxx), count=4096, offset=552960, ret=4096)
[880|9646|binder:880_7] pwrite64(fd=14, buf=0xb400007ab4a09800(xxxxx), count=4096, offset=471040) LR:0x7b376e5580 PC:0x7b3c35f2bc SP:0x7ab4d71090[880|9646|binder:880_7] pwrite64(fd=14, buf=0xb400007ab4b77000(xxxxx), count=4096, offset=552960) LR:0x7b376e5580 PC:0x7b3c35f2bc SP:0x7ab4d71090
[880|9646|binder:880_7] pwrite64(fd=14, buf=0xb400007ab4a86400(xxxxx), count=4096, offset=847872) LR:0x7b376e5580 PC:0x7b3c35f2bc SP:0x7ab4d71090
[880|19080|binder:880_7] pread64(fd=8, buf=0xb400007ab4244000(xxxxx), count=4096, offset=827392, ret=4096) xxxxx xxxxx xxxxx xxxxx xxxxx

    7. It failed? Why? Regenerated again. Failed again?

    8. The key is not found?

    Code: 
    880  3969 E keystore2: system/security/keystore2/src/error.rs:182 - Rc(r#KEY_NOT_FOUND), "system/security/keystore2/src/service.rs:172: In get_key_entry, while trying to load key info. 10315, Some(\"com.mtel.androidbea.PromonHardwareBoundIdRsaKey2\")"
880  3969 E keystore2: system/security/keystore2/src/error.rs:182 - Rc(r#KEY_NOT_FOUND), "system/security/keystore2/src/service.rs:172: In get_key_entry, while trying to load key info. 10315, Some(\"com.mtel.androidbea.PromonHardwareBoundIdRsaKey2\")"

    9. Key is not found. In normal situation, it cannot happen. The only possible way is the phone have damage/broken tee. But considering keystore is function normally, now conclusion is directly change to cant generated key = unlocked bootloader

    10. Force close the app, start intent with default phone browser, redirect to their link with caption "You cant open this app in this phone, please use other secure phone"

    Good news that this app doesnt use play integrity api, so you can add package name that app in tricky store list. Even revoked key is fine since it doesnt directly check revoked key
    View
    5
    CZ.Kostra
    @Fredator

    I tried installing SG Pay.
    I intentionally broke the PI to Basic and the application drops me to the screen with adding a card (I don't know if this is relevant).
    I think it doesn't check the PI but looks for ROOT.

    I am using KernelSU Next+SuSFS and I did not take any precautions against the application.
    View

New posts