Play Integrity API: Difference between revisions

 
(34 intermediate revisions by 15 users not shown)
Line 1:
{{Short description|Security module for computing apps}}
'''Play Integrity API''' (formerly known as '''SafetyNet''')<ref>{{Cite web|title=SafetyNet Overview|url=https://developer.android.com/training/safetynet|website=Android Developers|language=en-US}}</ref> consists of several [[application programming interface]]s (APIs) offered by [[Google Play Services]] to support security-sensitive applications and enforce [[Digital rights management|DRM]]. Currently, these APIs include device integrity verification, app verification, reCAPTCHA and web address verification. It uses an environment called DroidGuard to perform the [[Remote attestation|attestation]].<ref name=":0">{{Cite web |date=2022-05-12 |title=DroidGuard: A Deep Dive into SafetyNet |url=https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/ |access-date=2025-07-08 |website=Romain Thomas |language=en-us}}</ref>
The '''SafetyNet API''' is a security feature of [[Google Play Services]] that lets security-sensitive applications verify that the integrity of the device is not compromised, using an [[application programming interface]] (API).<ref>{{Cite web|last=Hoffman|first=Chris|title=SafetyNet Explained: Why Android Pay and Other Apps Don't Work on Rooted Devices|url=https://www.howtogeek.com/241012/safetynet-explained-why-android-pay-and-other-apps-dont-work-on-rooted-devices/|access-date=2021-09-11|website=How-To Geek|language=en-US}}</ref><ref>{{Cite web|date=2020-06-29|title=Google's dreaded SafetyNet hardware check has been spotted in the wild|url=https://www.androidpolice.com/2020/06/29/googles-dreaded-safetynet-hardware-check-has-been-spotted-in-the-wild/|access-date=2021-09-11|website=Android Police|language=en-US}}</ref><ref>{{Cite journal|last1=Ibrahim|first1=Muhammad|last2=Imran|first2=Abdullah|last3=Bianchi|first3=Antonio|date=2021-06-24|title=SafetyNOT: on the usage of the SafetyNet attestation API in Android|journal=Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services|language=en|location=Virtual Event Wisconsin|publisher=ACM|pages=150–162|doi=10.1145/3458864.3466627|isbn=978-1-4503-8443-8|doi-access=free}}</ref>
In practice, non-official ROMs such as LineageOS fail the hardware attestation, which prevents the user from running a pure Android implementation without the Google Services while still using third-party apps (mainly banking).
Because of this, some consider it a monopolistic practice deterring the entrance of competing mobile operating systems in the market.<ref>{{cite web |last1=Schwab |first1=Andreas |last2=Echeverria |first2=Pablo Arias |title=Time to restore fairness and contestability in digital markets |url=https://www.euractiv.com/section/digital/opinion/time-to-restore-fairness-and-contestability-in-digital-markets/ |website=www.euractiv.com |date=24 March 2022}}</ref>
 
== Attestation ==
The SafetyNet Attestation API (one of the APIs under the SafetyNet umbrella) has been deprecated<ref>{{Cite web|title=SafetyNet Deprecation Timeline|url=https://g.co/play/safetynet-timeline|website=Android Developers|language=en-US}}</ref> by Google and will be replaced with the Play Integrity API soon.<ref>{{cite web |title=Migrating from the SafetyNet Attestation API {{!}} Google Play |url=https://developer.android.com/google/play/integrity/migrate |website=Android Developers |language=en}}</ref> In this new scenario, the API is moved to the proprietary ecosystem of Google Services, making third-party apps dependent on it and unable to run on a totally free Android environment (AOSP).
 
The '''SafetyNet Attestation API''',<ref>{{Cite web|title=SafetyNet Attestation API|url=https://developer.android.com/training/safetynet/attestation|website=Android Developers|language=en-US}}</ref> one of the APIs under the SafetyNet umbrella, provides verification that the integrity of the device is not compromised, using an [[application programming interface]] (API).<ref>{{Cite web|last=Hoffman|first=Chris|title=SafetyNet Explained: Why Android Pay and Other Apps Don't Work on Rooted Devices|url=https://www.howtogeek.com/241012/safetynet-explained-why-android-pay-and-other-apps-dont-work-on-rooted-devices/|access-date=2021-09-11|website=How-To Geek|date=4 February 2016 |language=en-US}}</ref><ref>{{Cite web|date=2020-06-29|title=Google's dreaded SafetyNet hardware check has been spotted in the wild|url=https://www.androidpolice.com/2020/06/29/googles-dreaded-safetynet-hardware-check-has-been-spotted-in-the-wild/|access-date=2021-09-11|website=Android Police|language=en-US}}</ref><ref>{{Cite book|last1=Ibrahim|first1=Muhammad|last2=Imran|first2=Abdullah|last3=Bianchi|first3=Antonio|title=SafetyNOT: on the usage of the SafetyNet attestation API in Android|journal=Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services |chapter=SafetyNOT |date=2021-06-24|language=en|location=Virtual Event Wisconsin|publisher=ACM|pages=150–162|doi=10.1145/3458864.3466627|isbn=978-1-4503-8443-8|doi-access=free}}</ref> In practice, non-official ROMs such as [[LineageOS]] fail the hardware attestation and thus prevent the user from using a non-compliant ROM with third-party apps (mainly banking) that require the API.
Due to this, some consider this a monopolistic practice deterring the entrance of competing [[mobile operating system]]s in the market.<ref>{{cite web |last1=Schwab |first1=Andreas |last2=Echeverria |first2=Pablo Arias |title=Time to restore fairness and contestability in digital markets |url=https://www.euractiv.com/section/digital/opinion/time-to-restore-fairness-and-contestability-in-digital-markets/ |website=www.euractiv.com |date=24 March 2022}}</ref>
 
It requires a network connection to Google servers and validates the hardware signatures. Among its checks, the API looks at [[Bootloader unlocking|bootloader unlock]] status, ROM signatures and kernel strings; it also uses [[Verified boot|AVB2.0]] and [[dm-verity]] attestations. Upon successful checks, [[Google Play]] will mark the device as ''Certified''. The attestation runs in an environment called DroidGuard (<code>com.google.android.gms.unstable</code>).<ref name=":0" />
 
The SafetyNet Attestation API (one of the four APIs under the SafetyNet umbrella) has been deprecated.<ref name="timeline">{{Cite web|title=SafetyNet Deprecation Timeline|url=https://developer.android.com/privacy-and-security/safetynet/deprecation-timeline|website=Android Developers|language=en-US}} {{Retrieved|access-date=2023-10-06}}</ref> {{As of|2023|10|6|post=,}} Google planned to replace it with the '''Play Integrity API''' by the end of January 2025.<ref name="timeline" /><ref>{{cite web |title=Migrating from the SafetyNet Attestation API {{!}} Google Play |url=https://developer.android.com/google/play/integrity/migrate |website=Android Developers |language=en}}</ref> The transition ended on {{Date|2025-05-20}}, breaking applications which hadn't been updated.<ref>{{Cite web |date=2025-05-21 |title=Google deprecates old SafetyNet API in favor of Play Integrity API |url=https://linustechtips.com/topic/1612681-google-deprecates-old-safetynet-api-in-favor-of-play-integrity-api/ |access-date=2025-07-08 |website=Linus Tech Tips |language=en-US}}</ref> These attestations are offered by Google Play Services and thus are not available on [[Free software|free]] Android environments, like [[Android Open Source Project|AOSP]]. Therefore, developers can require the API to be available and may refuse to execute on AOSP builds.
 
== Google Play Protect ==
Under the same umbrella, Play Protect is a mechanism to find and remove "vulnerable" apps from one's Android device as well as store apps. Although it's meant to scan for malware-containing apps, it also looks for non-DRM compliant apps.<ref>{{Cite web|title=Android-Cerified|url=https://www.android.com/certified/}}</ref>
 
== Criticism ==
Multiple groups have criticised SafetyNet and the Play Integrity API.<ref>{{Cite web |title=Please remove the requirement for that CRAP of Google Play Integrity · Issue #287 · eu-digital-identity-wallet/eudi-app-android-wallet-ui |url=https://github.com/eu-digital-identity-wallet/eudi-app-android-wallet-ui/issues/287 |access-date=2025-07-07 |website=GitHub |language=en}}</ref> Criticisms include that it offers weaker protection compared to alternatives such as Android's hardware attestation API, which provides a stronger form of verification while having the ability to remain compatible with more secure Android operating systems like [[GrapheneOS]].<ref>{{Cite web |title=Attestation compatibility guide {{!}} Articles {{!}} GrapheneOS |url=https://grapheneos.org/articles/attestation-compatibility-guide |access-date=2025-07-07 |website=grapheneos.org |language=en}}</ref><ref>{{Cite web |title=use the standard Android hardware attestation API to verify the device, OS and app instead enforcing licensing Google Mobile Services · Issue #390 · eu-digital-identity-wallet/eudi-app-android-wallet-ui |url=https://github.com/eu-digital-identity-wallet/eudi-app-android-wallet-ui/issues/390 |access-date=2025-07-07 |website=GitHub |language=en}}</ref>
 
Critics have also argued that the Play Integrity API undermines competition by effectively requiring developers to rely on Google's proprietary services, strengthening its monopoly over the Android ecosystem and disadvantaging alternative, privacy-focused operating systems.<ref>{{Cite web |last=Stallman |first=Richard |title=Can You Trust Your Computer? |url=https://www.gnu.org/philosophy/can-you-trust.html |access-date=2025-07-07 |website=[[GNU Project]]}}</ref>
 
Users have also developed tools, such as the ''Play Integrity Fix'' module for [[Magisk (software)|Magisk]]/[[KernelSU]]/APatch, which tricks the attestation using leaked fingerprints of vulnerable devices.<ref>{{Citation |last=Renshaw |first=Chris |title=osm0sis/PlayIntegrityFork |date=2025-07-07 |url=https://github.com/osm0sis/PlayIntegrityFork |access-date=2025-07-07}}</ref><ref>{{Cite tweet |number=1925727131180356008 |user=GrapheneOS |title=Hardware-based attestation can be secure, but the way the Play Integrity API uses it is also highly insecure. It can be bypassed via leaked keys from the most insecure Android devices in the ecosystem. Secure way to use it is pinning, not trusting everything chaining to a root. |first=GrapheneOS |date=2025-05-23 |access-date=2025-07-07}}</ref> Some developers made petitions on sites like [[Change.org]].<ref>{{Cite web |last=TastyDepartureFrom |date=2024-11-21 |title=Stop Google from limiting access to Custom ROMS via Play Integrity. |url=http://www.reddit.com/r/degoogle/comments/1gwed3u/stop_google_from_limiting_access_to_custom_roms/ |access-date=2025-07-07 |website=r/degoogle}}</ref>
 
Furthermore, some have questioned the effectiveness of the attestation, claiming it does not deliver the level of security promised by Google and instead serves more as a form of [[vendor lock-in]] than a meaningful security measure. Activists have also raised concerns that it may violate antitrust and competition laws, like the [[Digital Markets Act]].
 
== See also ==
* [[Samsung Knox]]
* [[Trusted Computing]]
 
== References ==
Line 12 ⟶ 33:
* [https://developer.android.com/training/safetynet Protect against security threats with SafetyNet]
* [https://github.com/kdrag0n/safetynet-fix/blob/master/docs/details.md How does Universal SafetyNet Fix work?]
* [https://developer.android.com/privacy-and-security/safetynet/deprecation-timeline SafetyNet Attestation API deprecation timeline]
* [https://developer.android.com/google/play/integrity Play Integrity API Documentation]
* [https://developer.android.com/google/play/integrity/migrate Play Integrity API Migration Guide]
Line 20 ⟶ 41:
[[Category:Android (operating system)]]
[[Category:Computer security]]
[[Category:Digital rights management systems]]