Stack Overflow
Stack Overflow

Questions tagged [safetynet]

102 questions
1
vote
1 answer

Android and SafetyNet to ensure calls made to the API are from my app only

My Android app makes some REST calls to my backend. I wish that only and only my app is authorized to call the endpoints. I intend to use Google's SafetyNet to archive this. 1) My app ask my server fora random nonce 2) My app ask for an .attest() 3)…
Johny19
  • 5,364
  • 14
  • 61
  • 99
0
votes
0 answers

Disable reCaptcha in firebase phone-auth (OTP) android

After entering phone number Recaptcha is showing for a few seconds. Foloowed this qestion: How to disable reCaptcha in firebase phone-auth (OTP) android? But the Android DeviceCheck API is deprocated. Went instead to SafetyNet, and also, deprecated,…
Dim
  • 4,527
  • 15
  • 80
  • 139
0
votes
0 answers

Android FIDO2 SDK safetynet attestation format is deprecated

The safetynet attestation api is deprecated, but the FIDO2 SDK(play service) is still return android-safetynet attestation. {"fmt":"android-safetynet","attStmt":{"ver":"230514037","response"....}} FIDO2 supports "android-key" attestation, but the…
Ken Lin
  • 1
0
votes
1 answer

how to fix safety net api warning in android studio

I am developing kotlin project, when i upload release bundle in google console, following warning arised. How to fix this warning? 1 MESSAGE FOR VERSION CODE 49 Warning The developer of play-services-safetynet…
chanthini begam
  • 109
  • 1
  • 11
0
votes
0 answers

Firebase App Check Quota Limits when using with firestore SDK in android

Our android app uses firestore as the DB and uses firestore SDK to make the reads and writes. We use firebase app check via safetynet(planning to migrate play integrity) as one of our security measure. FirebaseApp.initializeApp(this) val…
Oooha
  • 150
  • 17
0
votes
0 answers

How to migrate to Play integrity API from Safetynet from beginning in java?

I am trying to migrate from safetynet to play integrity. I am stuck on starting point if anyone can help? should i change in my existing code or i have make fresh API ?
Jet Test
  • 1
  • 1
0
votes
0 answers

Why is App check not working (permission denied)?

I am out of ideas right now why my app does not pass app check verifications. I am building a React-Native app with Firebase using react-native-firebase. It throws this error: [firestore/permission-denied] I have installed the app-check package…
showtime
  • 1
  • 1
  • 17
  • 48
0
votes
2 answers

Play Integrity API token produces IntegrityErrorCode.html#TOO_MANY_REQUESTS

I'm trying to migrate from SafetyNet to Play Integrity API following googles documentation https://developer.android.com/google/play/integrity/verdict#request. I'm building my request the same way they do in docs: Task
JSob
  • 3
  • 3
0
votes
1 answer

Android SafetyNet quota over 10.000

We have many applications in the store that authorize through SafetyNet. In total, there can be more than 100,000 users per day. To get a quota of more than 10 thousand, I need to fill out an application from Google. But in one of the fields I need…
Илья Кузьмич
  • 227
  • 1
  • 3
  • 11
0
votes
5 answers

Match Android apk SHA256 with SafetyNet apkCertificateDigestSha256

I am using SafetyNet to verify the integrity of the android app. This is the flow as of now. I generate a nonce value in the server and send it to the SafetyNet service to get the response. I get the response from the server. Now I want to verify…
Sagar Nayak
  • 2,138
  • 2
  • 19
  • 52
0
votes
1 answer

Can I use SafetyNet with firebase functions?

I am trying to implement SafetyNet in my app. I also, don't have a server, and I am using Firebase Firestore and Firebase Functions. My knowledge about Firebase Functions is very limited. And I was wondering if I could somehow use the functions to…
Ravers
  • 988
  • 2
  • 14
  • 45
0
votes
1 answer

Android SafetyNet Attestation Nonce Question

Google's instructions for implementing the attestation API are: Obtain a nonce. Request a SafetyNet attestation. Transfer the response to your server. Use the response on your server, along with your other anti-abuse signals, to control your app's…
user1114
  • 1,071
  • 2
  • 15
  • 33
0
votes
1 answer

Android SMS verification SafetyNet not working from Google Play

I have application in Google Play wit phone number verification. But when I install it from Google Play then it write "This request is missing a valid app identifier, meaning that neither safetyNet checks nor reCAPTCHA checks succeeded." When i…
Andy
  • 114
  • 2
  • 13
0
votes
1 answer

Firebase phone authentication - app verification(SafetyNet)

I want to authenticate phone number Firebase with SafetyNet and not reCAPTCHA verification. I am following the Firebase documentation here: https://firebase.google.com/docs/auth/android/phone-auth In the Google APIs Console I enabled the Android…
Doha
  • 325
  • 2
  • 13
0
votes
1 answer

Android SafetyNet Attestation - Offline Device

I recently got a security issue for the app i'm working for: The possibility to run on rooted devices. I discovered that is hard to prevent this situation. My first try was to implement RootBeer. Sadly, there are tools like Magisk Manager which can…
Alexandru Gabriel
  • 79
  • 5
1 2 3 4 5
6
7