SafetyNet API
The SafetyNet API[1] consists of several application programming interfaces (APIs) offered by the Google Play Services to support security sensitive applications, such as DRM. Currently, these APIs include device integrity verification, app verification, recaptcha and web address verification.
Attestation
The SafetyNet Attestation API,[2] one of the APIs under the SafetyNet umbrella, provides verification that the integrity of the device is not compromised.[3][4][5] In practice, non-official ROMs such as LineageOS fail the hardware attestation and thus restrict the user from enjoying a pure Android implementation (without the Google Services) while being able to use third-party apps (mainly banking). Due to this, some consider this a monopolistic practice deterring the entrance of competing mobile operating systems in the market. [6]
The SafetyNet Attestation API (one of the four APIs under the SafetyNet umbrella) has been deprecated.[7] (As of October 2023) Google expects to fully replace it with the Play Integrity API by the end of January 2025.[7][8] Like the SafetyNet APIs, the Play Integrity API is offered by Google Services and thus is not available on free Android environments (AOSP). Therefore, apps that require the API to be available may refuse to execute on AOSP builds.
References
- ↑ "SafetyNet Overview" (in en-US). https://developer.android.com/training/safetynet.
- ↑ "SafetyNet Attestation API" (in en-US). https://developer.android.com/training/safetynet/attestation.
- ↑ Hoffman, Chris. "SafetyNet Explained: Why Android Pay and Other Apps Don't Work on Rooted Devices" (in en-US). https://www.howtogeek.com/241012/safetynet-explained-why-android-pay-and-other-apps-dont-work-on-rooted-devices/.
- ↑ "Google's dreaded SafetyNet hardware check has been spotted in the wild" (in en-US). 2020-06-29. https://www.androidpolice.com/2020/06/29/googles-dreaded-safetynet-hardware-check-has-been-spotted-in-the-wild/.
- ↑ Ibrahim, Muhammad; Imran, Abdullah; Bianchi, Antonio (2021-06-24). "SafetyNOT" (in en). Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services. Virtual Event Wisconsin: ACM. pp. 150–162. doi:10.1145/3458864.3466627. ISBN 978-1-4503-8443-8.
- ↑ Schwab, Andreas; Echeverria, Pablo Arias (24 March 2022). "Time to restore fairness and contestability in digital markets". https://www.euractiv.com/section/digital/opinion/time-to-restore-fairness-and-contestability-in-digital-markets/.
- ↑ 7.0 7.1 "SafetyNet Deprecation Timeline" (in en-US). https://g.co/play/safetynet-timeline. Retrieved 2023-10-06.
- ↑ "Migrating from the SafetyNet Attestation API | Google Play" (in en). https://developer.android.com/google/play/integrity/migrate.
External links
- Protect against security threats with SafetyNet
- How does Universal SafetyNet Fix work?
- SafetyNet Attestation API deprecation timeline
- Play Integrity API Documentation
- Play Integrity API Migration Guide
Original source: https://en.wikipedia.org/wiki/SafetyNet API.
Read more |