Stack Overflow
Stack Overflow

Questions tagged [safetynet]

102 questions
5
votes
1 answer

Flutter: SafetyNet Attestation fails basic integrity

When trying to run Firebase Phone Authentication through a Virtual Android Device am getting the following error messages; E/zzbf ( 6464): SafetyNet Attestation fails basic integrity. I/zzmt ( 6464): Provider GmsCore_OpenSSL not…
SLendeR
  • 839
  • 7
  • 25
5
votes
3 answers

Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0

When I want to upload my flutter aab in Play Console, I got the below warning. Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0 What the SDK developer told us: The SafetyNet…
Samarpan Dasgupta
  • 104
  • 2
  • 4
5
votes
1 answer

SafetyNet api ,get nonce from server rather than the client

I am using this library : https://github.com/scottyab/safetynethelper I have read the documentation on Android Deveoloper site and in the repository. Everything works fine ,but something is not clear to me. It is indicated that it is more secure to…
Maxim Toyberman
  • 1,906
  • 1
  • 20
  • 35
3
votes
0 answers

Flutter Firebase Phone Auth .apk Missing valid app identifier, neither SafetyNet nor reCAPTCHA checks succeed

currently using Firebase Phone Number Auth, worked well in debug mode in pc, including iPhone and android emulator. when I "flutter build apk" and put it into my smartphone, the apps prompt "Missing valid app identifier, what I had done: I had…
HanYee
  • 43
  • 4
3
votes
0 answers

Requests limits on Google Play Integrity service linked via project from Google Cloud

In our project we're using safetynet for attestation, but we need to migrate project into google play integrity API because safetynet is deprecated. We're not using google play to distribute our app, so I need to link our app with project on google…
wacsza
  • 31
  • 1
3
votes
2 answers

How to make SafetyNet/Firebase AppCheck work in Google Play Pre-Launch Reports

I'm using Firebase AppCheck to authenticate that calls to my API are indeed coming from my app. My issue is that ever since I enabled AppCheck, I can only get a token on legit devices or via debug tokens for the emulator. In a way this makes sense,…
PLPeeters
  • 1,009
  • 12
  • 26
3
votes
1 answer

Reliably verify a JWS certificate chain and domain

I'm writing backend code to verify a JWS from Google's SafetyNet API, in Node.JS. I was surprised to not find a readily available module for this, so I started looking at some simple verification of the JWS using available libraries: First of all,…
JHH
  • 8,567
  • 8
  • 47
  • 91
3
votes
1 answer

Need clarification on SafetyNet API per minute quota limit

Safetynet calls in our app is failing frequently in production. We believe recent spike in consumer traffic and following limitation of Safetynet API may be causing the issue. “If you trigger more than 5 calls per minute, you exceed the API's fixed…
Dexter123
  • 31
  • 2
3
votes
1 answer

Safety environment check in android using SafetyNet Attestation API is not working as it not getting callback on success or failure callback

For saftey environment check in android I was using https://developer.android.com/training/safetynet/attestation.html SafetyNet.getClient(this).attest(nonce, API_KEY) .addOnSuccessListener(this,successListner) …
Syamkrishnan Ck
  • 193
  • 1
  • 10
3
votes
2 answers

Android SafetyNet JWT signature verification

I'm trying to understand how the jwt signature validation works. This is how I'm doing it at the moment: 1) My app calls the attest api 2) My app sends the jwt to my server 3) My server verify the signature (third field of the jwt) using the…
Johny19
  • 5,364
  • 14
  • 61
  • 99
3
votes
1 answer

Testing SafetyNetClient.listHarmfulApps()

I am writing an Android app that will report to the user (among other SafetyNet data) if there is any PHA (Potentially Harmful Application) installed on his/her device. For that I am using the SafetyNet Verify Apps API. My call to…
AlxDroidDev
  • 582
  • 7
  • 17
3
votes
3 answers

SafetyNet attestation fails with internal error

I want to use the SafetyNet Attestation API (mind that this documentation seems to be outdated since the methods it uses are deprecated). Using the latest version of Play Services (11.0.1) I came up with the following code: SecureRandom secureRandom…
Gergely Kőrössy
  • 5,620
  • 3
  • 28
  • 44
2
votes
1 answer

how I can use integrity api instead of safetyNet Api in phone login Fragment

how I can use Integrity Api instead of safetyNet Api in phone login Fragment.. I try to upload my App to Google play and my phone login fragment depend on SafetyNet Api which is Deprecated and when Google play team warn me I add this to my geadle to…
engmms
  • 347
  • 1
  • 4
  • 16
2
votes
1 answer

App Check & Play Integrity with a custom backend

We're using SafetyNet Attestation API in our Android app and now planning to migrate to App Check / Play Integrity API since SafetyNet has been deprecated. As far as I understand from the docs, the flow remains pretty much the same: you request a…
fraggjkee
  • 3,524
  • 2
  • 32
  • 38
2
votes
0 answers

Migrating SafetyNet to Play Integrity API for Firebase

I'm developing a flutter application which uses Firebase as its framework. One of Firebase's features that we use is App Check. I've been using SafetyNet for my Android App Check, but recently I've gotten an email from Google that states that…
treble18
  • 131
  • 7
1
2
3 4 5 6 7