A couple of weeks ago we reported that some Google Pay users were reporting an outage, which included a couple of our own team members. It was very localised issue and after some follow up we can confirm that the issue was a faulty terminal, plus an unlocked bootloader being picked up as an insecure device by Google’s security services.
As a proof of concept, we’ve loaded our OnePlus 6 to a fresh factory default with an unlocked bootloader and found immediately that the warning was present. We locked the bootloader on the OnePlus 6 and tried again with success – so an unlocked bootloader will cause you issues!
As a proof of concept, we also unlocked the bootloader on the OnePlus 5 and found G Pay still working, until we ran a Play Protect scan manually a short time later and BOOM – no more G Pay for you.
Scott addressed SafetyNet and how developers were getting around the Google implemented SafetyNet check in their custom ROMs and Kernels back in 2016. For those using custom ROMs, kernels, or just enjoy the freedom of an unlocked bootloader you can use solutions including Magisk to hide your unlocked bootloader from the prying eyes of SafetyNet.
There are exceptions to the rule of course, some updates from manufacturers including OnePlus have occasionally had ‘oops’ moments when the SafetyNet feature tripped even on completely ‘safe’ devices with a locked bootloader.
This is simply a reminder that if you’re getting some issues with Google Pay, Samsung Pay or even just running an app, it may be because you simply forgot to implement a fix with Magisk, or just locked your bootloader.
Best idea is heading over to XDA-Developers to check out Magisk Manager which has the capability to mask the fact you have an unlocked bootloader.
How have you shot yourself in the foot modding your phones in the past?