Related
It looks like it should with Magisk, but I can't seem to get it to work. I have pay hidden, using magisk 17.1 and passing safety net. It sticks at card verification. It says "verifying with bank", then kicks me to the payment screen where it says "verification needed". Clicking on that gives me a momentary waiting circle, but nothing else happens. I've tried it with 2 different cards. US998, RR oreo 8.1.
nola mike said:
It looks like it should with Magisk, but I can't seem to get it to work. I have pay hidden, using magisk 17.1 and passing safety net. It sticks at card verification. It says "verifying with bank", then kicks me to the payment screen where it says "verification needed". Clicking on that gives me a momentary waiting circle, but nothing else happens. I've tried it with 2 different cards. US998, RR oreo 8.1.
Click to expand...
Click to collapse
That's not an issue with Pay. If Magisk was being blocked by root/unlocked bootloader, you would get a message when you first fire up Pay that your phone can't be verified so "Google Pay can't run on this device".
Have you contacted your bank to make sure they support it? If it's not being verified with your bank, sounds like you need to call them. For the last few years, my bank didn't. It wasn't until this past year that they actually allowed it.
I'm not sure what the issue was. It wasn't with the bank(s). I was having the same issue with all the cards I tried. Eventually did a wipe and it worked.
nola mike said:
I'm not sure what the issue was. It wasn't with the bank(s). I was having the same issue with all the cards I tried. Eventually did a wipe and it worked.
Click to expand...
Click to collapse
Well that's weird. Glad it's working though! :good:
After installing Google Pay, hide it using Magisk Hide, and Hide Magisk Manager in Magisk Settings. Then remove phone permission from Google Play Services and Play Store. Now you can register Pay on your rooted phone. After registration is complete, you should allow phone permission to Play Services and Play Store. This trick works always, I've tested with multiple custom roms with and without selinux enforcing.
If we want to reuse root features should we give phone permissions again ?
If we want to use Google pay again later should we re hide magisk and permissions ?
JackFrost said:
After installing Google Pay, hide it using Magisk Hide, and Hide Magisk Manager in Magisk Settings. Then remove phone permission from Google Play Services and Play Store. Now you can register Pay on your rooted phone. After registration is complete, you should allow phone permission to Play Services and Play Store. This trick works always, I've tested with multiple custom roms with and without selinux enforcing.
Sent from my Moto G (4) using Tapatalk
Click to expand...
Click to collapse
Sent from my Redmi 4 using Tapatalk
Yes and No
cneeli78 said:
If we want to reuse root features should we give phone permissions again ?
If we want to use Google pay again later should we re hide magisk and permissions ?
Sent from my Redmi 4 using Tapatalk
Click to expand...
Click to collapse
Phone permissions have nothing to do with root features, I didn't exactly understand what do you mean by reuse root features but I don't recall any root solution app or framework asking for Phone Permission. If you are asking about granting phone permission to Google Play Services after Google Pay registration, you should do it, it's not recommended to deny phone permission to Google Play Services. And once you hide Magisk you don't need to change it's state as Magisk will continue to work as expected whether it's hidden or not.
JackFrost said:
After installing Google Pay, hide it using Magisk Hide, and Hide Magisk Manager in Magisk Settings. Then remove phone permission from Google Play Services and Play Store. Now you can register Pay on your rooted phone. After registration is complete, you should allow phone permission to Play Services and Play Store. This trick works always, I've tested with multiple custom roms with and without selinux enforcing.
Click to expand...
Click to collapse
Yes it's working
JackFrost said:
After installing Google Pay, hide it using Magisk Hide, and Hide Magisk Manager in Magisk Settings. Then remove phone permission from Google Play Services and Play Store. Now you can register Pay on your rooted phone. After registration is complete, you should allow phone permission to Play Services and Play Store. This trick works always, I've tested with multiple custom roms with and without selinux enforcing.
Click to expand...
Click to collapse
thanks.its working
You are welcome
Arokia said:
Yes it's working
Click to expand...
Click to collapse
Karthik Arun said:
thanks.its working
Click to expand...
Click to collapse
There is a thanks button you can press if I could help you
JackFrost said:
There is a thanks button you can press if I could help you
Click to expand...
Click to collapse
Am I doing something wrong? I did everything but when I deny phone permissions I get a pop up saying its required to open google pay and cannot get passed that
raguilera510 said:
Am I doing something wrong? I did everything but when I deny phone permissions I get a pop up saying its required to open google pay and cannot get passed that
Click to expand...
Click to collapse
Did you by any chance remove phone permission from Google Pay app? You need to turn off telephone permission from Google Play Services and Google Play Store. Google Pay app needs phone permission to verify the phone number, don't turn off phone permission from Pay, do it for only play store and play services. Hope that helped.
Does not work
Once I renable telephone permission for Google Play Services, googlepay does not work anymore. Asks me to register and then I cannot register as I dont pass the security test. I am on lineage os 15.1
Non rooted lineageOS
I am a real newbie but i do use google pay a lot.
Will google pay just work on lineageOS that wasnt rooted or with magisk install, only with an unlocked bootloader. Or will i need extra work to do before i can use it?
kekekelasomot said:
I am a real newbie but i do use google pay a lot.
Will google pay just work on lineageOS that wasnt rooted or with magisk install, only with an unlocked bootloader. Or will i need extra work to do before i can use it?
Click to expand...
Click to collapse
Extra work? There's no extra work to install Magisk. It's part of the instructions when unlocking the bootloader and installing TWRP. Magisk Hide (part of Magisk Manager) lets Google Pay work.
When you unlock the bootloader and install TWRP (which you need to install ROMs), the next steps in the process include flashing three files IN TWRP: the no root checker, the no encryption and Magisk. I'm not clear why you would just stop short of finishing the process.
Unless you use Magisk Hide, simply unlocking the bootloader will cause Google Pay to then fail -- even without installing TWRP or a ROM.
Unlocked bootloader by itself -- without Magisk Hide (a part of Magisk) -- will cause Safety Net to fail. Google Pay will not work.
Why do you want Lineage OS without root? That's like owning a car with internal combustion engine, but refusing to put in gasoline. (or refusing to charge a Tesla.) You can do it, but to me it doesn't make sense.
You might as well stay on stock unrooted firmware.
I have stock rooted firmware. I'm not using any custom ROMs -- but at least I have root and my Magisk mods.
ChazzMatt said:
Extra work? There's no extra work to install Magisk. It's part of the instructions when unlocking the bootloader and installing TWRP. Magisk Hide (part of Magisk Manager) lets Google Pay work.
When you unlock the bootloader and install TWRP (which you need to install ROMs), the next steps in the process include flashing three files IN TWRP: the no root checker, the no encryption and Magisk. I'm not clear why you would just stop short of finishing the process.
Unless you use Magisk Hide, simply unlocking the bootloader will cause Google Pay to then fail -- even without installing TWRP or a ROM.
Unlocked bootloader by itself -- without Magisk Hide (a part of Magisk) -- will cause Safety Net to fail. Google Pay will not work.
Why do you want Lineage OS without root? That's like owning a car with internal combustion engine, but refusing to put in gasoline. (or refusing to charge a Tesla.) You can do it, but to me it doesn't make sense.
You might as well stay on stock unrooted firmware.
I have stock rooted firmware. I'm not using any custom ROMs -- but at least I have root and my Magisk mods.
Click to expand...
Click to collapse
Thank you. Just flash magisk and hide google pay using it. From what i under stand is i have root access+ unlocked bootloader+ google pay functionalities. And the reason not to root is just because i want the feel of stock android+some nice modification
Recently had this problem with G Pay also. Found where some just deleted 'cache' and 'data' from Google Play and Play Services. That worked for me too. Of course hide Magisk etc first.
AsItLies said:
Recently had this problem with G Pay also. Found where some just deleted 'cache' and 'data' from Google Play and Play Services. That worked for me too. Of course hide Magisk etc first.
Click to expand...
Click to collapse
Thank you. That's all I had to do to get it working for me.
Hi, I'm not able to get Google Pay working on my rooted V30. I unlocked bootloader and flashed TWRP, no checker, no encryption, using chazzdave's WTF tutorial. Now have Havoc installed. I have hidden root from play, play services, and pay. I've hidden magisk by scrambling APK. I've cleared cache and data of play, play services, and pay. I've revoked telephone permission for play services and play store, although I had to re-enable play services telephone permission during card setup because pay wouldn't go any further. But nothing. Just error message that root is enabled and cannot proceed.
One of my banking apps which didn't work on root is working after hiding from magisk, but no Google pay. Has something updated and a loophole been closed?
Thanks
Forsh said:
Hi, I'm not able to get Google Pay working on my rooted V30. I unlocked bootloader and flashed TWRP, no checker, no encryption, using chazzdave's WTF tutorial. Now have Havoc installed. I have hidden root from play, play services, and pay. I've hidden magisk by scrambling APK. I've cleared cache and data of play, play services, and pay. I've revoked telephone permission for play services and play store, although I had to re-enable play services telephone permission during card setup because pay wouldn't go any further. But nothing. Just error message that root is enabled and cannot proceed.
One of my banking apps which didn't work on root is working after hiding from magisk, but no Google pay. Has something updated and a loophole been closed?
Thanks
Click to expand...
Click to collapse
Use Magisk v19. I believe it's a beta at the moment
Hi,
Any one can provide the fix for the google pay issue..am unable to register.
same here , using miui stable 10.0.6.0 with magisk 17.3
Use magisk hide settings + module safetypatch
Sent from my [device_name] using XDA-Developers Legacy app
peer mohd said:
Hi,
Any one can provide the fix for the google pay issue..am unable to register.
Click to expand...
Click to collapse
Go to settings, apps and notifications, google play services, permissions, disable telephone/phone access.
Now hide the Google pay application in Magisk Hide. Now it should work.
Hope this helps.
Uninstall magisk completely then register your pay account then install magisk
Hi all,
After disabling the google service permission for phone(if not work disable contacts,sms), Google pay is working.
Closed at OP's request.
Hi guys,
I'm using Miui Eu 11.0.6.0. I'm not sure what had gone wrong.Both ctsprofile and basicintegrity false. At first, I thought it was edxposed issue so I uninstall it, but it still the same issue after reboot.
Is there any way to resolve it? Appreciated.
These are my screenshots.
thomas140 said:
These are my screenshots.
Click to expand...
Click to collapse
Try disabling/ removing the magisk modules and if that doesn't work revert to stock kernel if you're using a custom kernel.
thomas140 said:
These are my screenshots.
Click to expand...
Click to collapse
Turn on magisk hide in settings and reboot.
MasterFURQAN said:
Try disabling/ removing the magisk modules and if that doesn't work revert to stock kernel if you're using a custom kernel.
Click to expand...
Click to collapse
Tried with stock miui Eu kernel but still the same. Disable all modules and still the same. Magisk hide is on. Hide magisk manager is on too. Weird.
callmebutcher101 said:
Turn on magisk hide in settings and reboot.
Click to expand...
Click to collapse
Both magisk hide and hide magisk manager is on but still both error. Funny.
thomas140 said:
Both magisk hide and hide magisk manager is on but still both error. Funny.
Click to expand...
Click to collapse
Did you hide all the google services from magisk ? Try clearing data of magisk and repeating the process. And btw MIUI EU can pass safetynet without magisk so if you really want safetyney pass you can sacrifice magisk.
callmebutcher101 said:
Did you hide all the google services from magisk ? Try clearing data of magisk and repeating the process. And btw MIUI EU can pass safetynet without magisk so if you really want safetyney pass you can sacrifice magisk.
Click to expand...
Click to collapse
Yup, I know miui Eu without magisk can definitely pass safetynet.
And ya, I have hide all related Google services and still same issue.
Just not sure what's triggering it.
But something's funny, when hide magisk manager, it still able to bypass those bank app root check although both still false status.lol
Try downgrading google play service. Run magisk from canary channel. Latest google play breaks cts
vjsanjay said:
Try downgrading google play service. Run magisk from canary channel. Latest google play breaks cts
Click to expand...
Click to collapse
Ok. That's surprising. For downgrading, I believe it is related to "uninstall updates", right?
Can disable the update once downgrade?
thomas140 said:
Ok. That's surprising. For downgrading, I believe it is related to "uninstall updates", right?
Can disable the update once downgrade?
Click to expand...
Click to collapse
Yes.. Till google makes mandatory.
vjsanjay said:
Yes.. Till google makes mandatory.
Click to expand...
Click to collapse
Update: you are correct. Once uninstalled update, status back to true.
I made few tests.
1. I tried install Edxposed, status became false.
2. In edxposed manager, blacklist Google play services and play store, still false.
3. Install hidden core module under exposed. Status became true but some government app became forced close.
4.I uninstaledl edxposed related stuff and reboot, status still false. I have to clear the data under Google play service to make status back to true.
So, it seems like edxposed is unable to hide properly like magisk does. No choice but have to abandon edxposed.
I recently unlocked my bootloader and flashed the latest xiaomi.eu MIUI 12 stable rom for my pocophone and flashed magisk for root access as well. Everything was fine and dandy untill i attempted to open my banking app, it greeted me with a messege saying that i don't have minimum security even though my phone passes all safetynet tests, i don't know where the problem is and i wish to solve it without having to switch back to stock.
Please help.
Have u tried renaming magisk manager and hiding it from banking apps. Worked for me.
ScarAss**** said:
I recently unlocked my bootloader and flashed the latest xiaomi.eu MIUI 12 stable rom for my pocophone and flashed magisk for root access as well. Everything was fine and dandy untill i attempted to open my banking app, it greeted me with a messege saying that i don't have minimum security even though my phone passes all safetynet tests, i don't know where the problem is and i wish to solve it without having to switch back to stock.
Please help.
Click to expand...
Click to collapse
Use magisk hide and hide it from your banking apps. If that doesn't work, hide it from google apps too.
mecoromeo said:
Use magisk hide and hide it from your banking apps. If that doesn't work, hide it from google apps too.
Click to expand...
Click to collapse
Tried it but no luck, I even uninstalled magisk but it still didn't work.
sanjay0501 said:
Have u tried renaming magisk manager and hiding it from banking apps. Worked for me.
Click to expand...
Click to collapse
How do i rename magisk?
https://forum.xda-developers.com/7t-pro/help/10-3-2-device-meet-minimum-security-t4084467/page2
Try this. He downloaded shelter to setup a working space for his bank apps
Use island app
I have a rooted Samsung SG10Exynos/OS9 that bypasses SafetyNet with the help of Magisk 26.0 & safetynet-fix-v2.4.0-MOD_1.2 (meets BASIC INTERGITY) that I have been using the Starling Bank app 2.92.1.79025 without an issue. I stupidly upgraded to the latest version and got the attached screenshot saying that I had 14 days to restore the device to factory settings (I was still able to use the app after pressing ok). I even more stupidly thought that I could revert back to the previous version that I was using, using Titanium Backup which failed (the app would just flash continuous on launch) and then Swift backup (where it would just repeatedly crash even even before being launched requiring a force stop)
If I wipe data/uninstall/restart phone and install fresh from google play, I now get the attached screenshot saying again to restore to factory, but the button says close app. So being a digital bank, I'm now locked out of my account.
I've tried to install previous versions from APKMirror mirror after wiping data/uninstall/restarting phone, and then just restoring my data with my Titanium/Swift backups but still no joy.
Does anyone know how to downgrade/install not the latest version of Starling Bank, which doesn't have the increased STRONG INTERGITY check?
nukescript said:
I have a rooted Samsung SG10Exynos/OS9 that bypasses SafetyNet with the help of Magisk 26.0 & safetynet-fix-v2.4.0-MOD_1.2 (meets BASIC INTERGITY) that I have been using the Starling Bank app 2.92.1.79025 without an issue. I stupidly upgraded to the latest version and got the attached screenshot saying that I had 14 days to restore the device to factory settings (I was still able to use the app after pressing ok). I even more stupidly thought that I could revert back to the previous version that I was using, using Titanium Backup which failed (the app would just flash continuous on launch) and then Swift backup (where it would just repeatedly crash even even before being launched requiring a force stop)
If I wipe data/uninstall/restart phone and install fresh from google play, I now get the attached screenshot saying again to restore to factory, but the button says close app. So being a digital bank, I'm now locked out of my account.
I've tried to install previous versions from APKMirror mirror after wiping data/uninstall/restarting phone, and then just restoring my data with my Titanium/Swift backups but still no joy.
Does anyone know how to downgrade/install not the latest version of Starling Bank, which doesn't have the increased STRONG INTERGITY check?
Click to expand...
Click to collapse
It will force you to use the latest app.
Block firebaseremoteconfig.googleapis.com
theoneofgod said:
It will force you to use the latest app.
Block firebaseremoteconfig.googleapis.com
Click to expand...
Click to collapse
Also having the same issue. Is this something I should be blocking in Zygiskhide? I can't see it there. Googling the above isn't helping me.
Undeadwolfy said:
Also having the same issue. Is this something I should be blocking in Zygiskhide? I can't see it there. Googling the above isn't helping me.
Click to expand...
Click to collapse
You could try Magisk Delta as it now acts as whitelist so you add only what you want with root. This won't bypass Starling security though. You need to also block address above.
Undeadwolfy said:
Also having the same issue. Is this something I should be blocking in Zygiskhide? I can't see it there. Googling the above isn't helping me.
Click to expand...
Click to collapse
Blocking this address (firebaseremoteconfig.googleapis.com) through AdAway has fixed it for me! That is along with all the things that were needed to run it previously.
theoneofgod said:
You could try Magisk Delta as it now acts as whitelist so you add only what you want with root. This won't bypass Starling security though. You need to also block address above.
Click to expand...
Click to collapse
I think the part where I'm stuck is, what would you suggest to block that address? I can't do that in HMA or in Denylist because it doesn't exist.
I've tried blocking in AdAway and manually adding and still getting Starling recognising root.
I've blocked anything Google Play Services, Play Protect, Wallet too. Starling is my main bank. Has only been an issue in the last couple weeks.
A13 P6 Pro running the April security update 13 (TQ2A.230405.003.E1), Magisk 26101, USNF 2.4.0 Mod 1.2, passing Safetynet Basic+ CTS.
Will look at Magisk Delta next.
marian42 said:
Blocking this address (firebaseremoteconfig.googleapis.com) through AdAway has fixed it for me! That is along with all the things that were needed to run it previously.
Click to expand...
Click to collapse
This isn't working for me :/. Can you share what other modules you're running/how you've set up Magisk?
I followed the directions in this video.
I didn't do the final step where he renames the Magisk app, seems that it isn't necesary.
The YASNAC app shows that the device passes "Basic integrity" and "CTS profile match".
Also remember that blocking firebaseremoteconfig.googleapis.com might break other apps that use this domain (I've found one so far).
Undeadwolfy said:
I think the part where I'm stuck is, what would you suggest to block that address? I can't do that in HMA or in Denylist because it doesn't exist.
I've tried blocking in AdAway and manually adding and still getting Starling recognising root.
I've blocked anything Google Play Services, Play Protect, Wallet too. Starling is my main bank. Has only been an issue in the last couple weeks.
A13 P6 Pro running the April security update 13 (TQ2A.230405.003.E1), Magisk 26101, USNF 2.4.0 Mod 1.2, passing Safetynet Basic+ CTS.
Will look at Magisk Delta next.
Click to expand...
Click to collapse
It's a recent update that broke it.
Try Magisk 26.1, enable Zygisk and enforce deny list. Add systemless hosts. Add only Starling to the deny list.
Install safetynet fix 2.4.0 mod 1.2 by displax.
Add the domain I posted to adaway blocklist. Make sure its enabled and in root mode.
theoneofgod said:
It's a recent update that broke it.
Try Magisk 26.1, enable Zygisk and enforce deny list. Add systemless hosts. Add only Starling to the deny list.
Install safetynet fix 2.4.0 mod 1.2 by displax.
Add the domain I posted to adaway blocklist. Make sure its enabled and in root mode.
Click to expand...
Click to collapse
That's exactly how I have it running now. No change.
Undeadwolfy said:
That's exactly how I have it running now. No change.
Click to expand...
Click to collapse
It's the domain that did it for me. Working fine as of now.
theoneofgod said:
It's the domain that did it for me. Working fine as of now.
Click to expand...
Click to collapse
Thanks for updating. I have both of these in my AdAway too
Code:
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
Nothing doing
Undeadwolfy said:
Thanks for updating. I have both of these in my AdAway too
Code:
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
Nothing doing
Click to expand...
Click to collapse
Clean install for Starling? I'm trying to think if I did something else.
Oh. Have you "hidden" Magisk?
Just to weigh in here, I can confirm blocking:
firebaseremoteconfig.googleapis.com
Does indeed allow the Starling app to work. Yes blocking Firebase is going to stop some applications working, but you could always pause AdAway until you are done using the problematic app then resume AdAway when you want to use Starling.
Many thanks @theoneofgod
Not working
Reverting the Starling app back to version 2.95.1.79953 fixes things - just don't forget to re-add it to the Deny List.
I'll probably stay on this version until a new fix is found for the current version 2.96.0.80202.
darsh said:
Reverting the Starling app back to version 2.95.1.79953 fixes things - just don't forget to re-add it to the Deny List.
I'll probably stay on this version until a new fix is found for the current version 2.96.0.80202.
Click to expand...
Click to collapse
Wild, even this didn't work for me. No idea why I'm having issues.
Hi All
Quick update - Can confirm that rolling back to 2.95.1.79953 does fix things for now
This is using adaway to block the Firebase URLs in a custom host file and using enforce denylist. It doesnt work beyond that for now.
I swapped over to Magisk Alpha for now but i dont know what Starling are doing in the background to see that you have root at this point. Its very annoying
- Edit 2
They seem to be detecting the Enforce Denylist in Magisk (In any form)
Disabling it on version 2.95.1 shows the app can see root. Enabling it allows the app to proceed as if you are not rooted.
Give KernelSU a try if you can. No modules or any workarounds required.
theoneofgod said:
Give KernelSU a try if you can. No modules or any workarounds required.
Click to expand...
Click to collapse
Isnt that the same as the setting in magisk that hides root from everything not on the su list. Which also doesnt work.