How to Pass SafetyNet and Play Integrity on Rooted Android
So you've rooted your phone, and now your banking app refuses to work? Google Pay gives you errors? Pokemon GO won't load?
Welcome to SafetyNet hell. But don't worry - we've got the solution.
Understanding the Problem
What is SafetyNet?
SafetyNet is Google's security API that lets apps check if a device has been modified. It's designed to detect:
- Rooted devices
- Unlocked bootloaders
- Custom ROMs
- Tampered system files
What is Play Integrity?
Play Integrity is SafetyNet's successor, introduced in 2022. It's stricter and includes three verdict levels:
| Verdict | What It Means |
|---|---|
| MEETS_BASIC_INTEGRITY | Device isn't tampered (can be emulator) |
| MEETS_DEVICE_INTEGRITY | Genuine Android device |
| MEETS_STRONG_INTEGRITY | Hardware-backed attestation, unmodified device |
Why Apps Check This
- Banking apps: Prevent fraud on compromised devices
- Payment apps: PCI compliance requirements
- Games: Anti-cheat protection
- Streaming apps: DRM protection
What You Need
Before starting, ensure you have:
- Rooted device with Magisk v26.0+
- Magisk Manager app installed
- Internet connection
- 10 minutes of time
Step 1: Enable Zygisk
Zygisk is Magisk's built-in Zygote injection framework. It's required for modern root hiding.
1. Open Magisk app
2. Tap Settings (gear icon)
3. Enable "Zygisk"
4. Reboot your device
After reboot, check Settings - Zygisk should show "Yes" status.
Step 2: Install Play Integrity Fix
This is the magic module that makes everything work.
Download
Get the latest version from:
Install
1. Download the ZIP file (not source code)
2. Open Magisk → Modules (puzzle icon at bottom)
3. Tap "Install from storage"
4. Select the downloaded ZIP
5. Wait for installation
6. Tap "Reboot"
Step 3: Configure DenyList
DenyList tells Magisk which apps should not see root access.
Enable DenyList
1. Open Magisk → Settings
2. Enable "Enforce DenyList"
3. Tap "Configure DenyList"
Add Apps to DenyList
For each app that needs to not see root:
- Find the app in the list
- Tap to expand it
- Enable ALL components (checkboxes)
Must add:
- Google Play Services (com.google.android.gms)
- Google Play Store (com.android.vending)
- Google Services Framework (com.google.android.gsf)
- Your banking app(s)
- Payment apps (GPay, Samsung Pay, etc.)
- Games that check root
Important: Select ALL components for each app, not just the main one.
Step 4: Install Shamiko (Optional but Recommended)
Shamiko provides additional root hiding that DenyList alone can't achieve.
Download
Install
Same process as Play Integrity Fix:
- Download ZIP
- Install via Magisk → Modules
- Reboot
Configure Shamiko
Shamiko inverts DenyList behavior - it uses a whitelist instead:
1. Create folder: /data/adb/shamiko/
2. Create empty file: whitelist
3. Shamiko now hides root from apps in DenyList
You can create files using a terminal app:
su
mkdir -p /data/adb/shamiko
touch /data/adb/shamiko/whitelist
Step 5: Clear App Data
Apps cache SafetyNet results. You need to force them to re-check.
For Each Problem App:
1. Settings → Apps → [App Name]
2. Tap "Storage"
3. Tap "Clear Data"
4. Force close the app
5. Reopen
For Google Play Services:
Settings → Apps → Google Play Services → Storage → Manage Space → Clear All Data
Note: Clearing Play Services data may require you to sign in again to some apps.
Step 6: Verify Your Setup
Check SafetyNet Status
Use one of these apps:
-
YASNAC (Yet Another SafetyNet Attestation Checker)
- Download from Play Store
- Run attestation check
-
Play Integrity API Checker
- More detailed results
- Shows all three verdict levels
What to Expect
Good Result:
MEETS_BASIC_INTEGRITY: ✅
MEETS_DEVICE_INTEGRITY: ✅
MEETS_STRONG_INTEGRITY: ❌ (Normal for rooted/unlocked devices)
Why STRONG_INTEGRITY Fails: This requires:
- Locked bootloader
- Verified boot
- Hardware attestation
For most apps, BASIC + DEVICE is sufficient.
Troubleshooting
"Play Integrity check failed"
Solutions:
- Update Play Integrity Fix to latest version
- Make sure Zygisk is enabled
- Clear Google Play Services data
- Reboot and try again
Banking App Still Detects Root
Some apps use their own root detection beyond SafetyNet:
Try these:
- Install Shamiko if not already
- Make sure ALL app components are in DenyList
- Try older version of the banking app
- Check XDA for app-specific hiding methods
Google Pay Fails
1. Remove all cards
2. Clear Google Pay data
3. Clear Play Services data
4. Reboot
5. Re-add cards
Pokemon GO / Anti-Cheat Games
These games are notoriously strict:
- Use Shamiko
- Add game AND its dependencies to DenyList
- Disable any game-modifying modules
- Consider using a separate unhidden profile
Apps That Work vs Don't Work
Usually Works ✅
- Most banking apps
- Google Pay
- Samsung Pay
- Netflix
- Amazon Prime Video
- Uber, Lyft
Sometimes Problematic ⚠️
- Some cryptocurrency apps
- McDonald's app
- Some airline apps
- Enterprise MDM apps
Very Difficult ❌
- Some Korean banking apps
- Indian government apps (Aadhaar)
- Some enterprise apps with custom detection
Advanced: Fingerprint Spoofing
If the above doesn't work, you may need to spoof your device fingerprint.
Using MagiskHide Props Config
su
props
# Follow interactive menu
# Select option to change fingerprint
# Choose a known-good fingerprint
# Reboot
Popular fingerprints that pass:
- Google Pixel 6 Pro
- Samsung Galaxy S23
- OnePlus 11
Maintaining Your Setup
When Updating Magisk
Always update Play Integrity Fix after updating Magisk.
When Updating Apps
If an app stops working after update:
- Re-add to DenyList (components might have changed)
- Clear app data
- Check for module updates
Monthly Maintenance
- Check for module updates
- Run SafetyNet check
- Clear Play Services data if issues arise
The Nuclear Option: Hide Magisk App
If an app detects the Magisk app itself:
1. Open Magisk → Settings
2. Tap "Hide the Magisk app"
3. Enter a random name (e.g., "Settings Pro")
4. Magisk will be reinstalled with new name
To restore: Install Magisk again from original APK.
FAQ
Q: Will this always work?
A: For now, yes. But Google continuously updates their detection. The cat-and-mouse game continues.
Q: Is this bannable?
A: Some games ban rooted devices. Most banking apps just refuse to run - they won't ban your account.
Q: Does this work on all ROMs?
A: Yes, as long as you have Magisk with Zygisk support.
Q: I did everything but still fails?
A: Some devices have broken attestation. Check XDA for device-specific solutions.
Summary Checklist
- Magisk v26.0+ installed
- Zygisk enabled
- Play Integrity Fix module installed
- DenyList enabled and configured
- Google apps added to DenyList
- Problem apps added to DenyList
- Shamiko installed (optional)
- App data cleared
- Reboot completed
- SafetyNet verified with checker app
You're now invisible to SafetyNet! Enjoy using your banking apps while keeping root access.
Keywords: pass safetynet rooted, play integrity fix, banking app root, google pay rooted phone, magisk safetynet, shamiko module