I can’t root my phone because I don’t have an image for it (Moto G73) although I’d like to, but for some reason my banking app thinks it’s rooted and refuses to work. This happened just after I updated it, it wasn’t happening before.
You must log in or register to comment.
What about root checker apps. What they say?
-
Install Kitsune Mask (just like Magisk install) https://huskydg.github.io/magisk-files/
-
Install PIF Next. It will automatically download new device fingerprints as Google bans old ones https://github.com/daboynb/PlayIntegrityNEXT
-
Google, banks, Microsoft, whoever else is aggressively checking for root. Please consider to eat my entire asshole. Thank you.
Edit: nvm I’m bad at reading, I missed that you couldn’t even root your phone.
-
This might help:
Can’t hide root if I’m not actually rooted.
Oh, sorry if you tried this already but you could also try resetting app data for that app and reloading to see if that helps?
Well, I tried uninstalling the app, restarting the device, and reinstalling it.
Shit, yeah that would wipe the app data too. Sorry buddy, I’m out of ideas. DRM is bullshit :(
Root so you can hide it?
Seriously though, that might actually work.
Either way, shit like this is why DRM is stupid.
If might work if I could work out how to root it. I can’t find a stock image for my device to patch with magisk. Just out of interest, I wonder if there’s one available for the edge 40 Neo, if I had got that. I don’t have it, but if it supports root, I just might see if I can trade in my phone.
I haven’t kept up with the rooting scene but if you want to get into that and are on a budget, a used Pixel might just be the ticket: They’re very root friendly and well documented. Good luck!
The thing is, I need the device to support a micro SD card and have decent specs (8GB/256GB/120hz/5Ah) more than I need to be able to root it, but if I can get both I’d be very happy.
Sony Xperia has some nice stuff that might fit those requirements, pretty sure Moto makes at least once phone that meets those specs too but I can’t recall the name off hand. Someone was just telling me about it last week and it was made in 2023. I’ll let you know if I can remember the name of it.
Thanks, when you remember I’ll be interested
Is it OEM unlocked?
Yes, but not rooted. I could relock it and see if that solves the issue, but the app was opening fine when it was still OEM unlocked for several months until the app was updated yesterday. I didn’t want it locked in case I did ever find a custom ROM for my phone and I didn’t want to delete all my data.
Pretty sure this is the reason then, OEM unlocks can trigger this on some devices.
If you’ve done an OEM unlock, you effectively already have root access to the device. You could boot a custom recovery right now and modify any system file.
“Rooting” just means using this privilege you already have in order to install a tool into the OS such that you can make use of this privilege while the regular OS is booted.
Go install Magisk and do the safetynet dance. It’s a whole thing but should give you a “clean” device from the perspective of unprivileged apps. It’s stupid that you have to do this but here we are.
Lineage OS user here, my banking app got an update a while ago that stopped trusting my finger scanner because I’m rooted. Luckily it still allows passwords or else that would be a deal breaker.
*Edit, now that I think about it I’m not even rooted, just an unlocked boot loader.
I keep waiting for KernelSU support for more devices
Wasn’t there talk about Google deprecating SafetyNet? If this has already happened and your banking app is still relying on it, it could lead to a fslse positive on the root check I believe.
I was able to bypass something similar by using apps that create multiple instances of an app, I used Shelter (https://f-droid.org/packages/net.typeblog.shelter/)
How are you rooted?
Magisk Hide + Play Integrity Fix should fix it. Also hide all Google play services from detecting root.
I’m not rooted, that’s the problem.
I’ve had a banking app think my phone was rooted before. Had to basically switch banks.
Maybe not ideal but I’m sure the web version of your banking app would work through a browser.
It does, but it’s not designed for mobile. I would send a screenshot, but I don’t trust myself to censor everything important.
Try to use a desktop, try different browsers if needed, if you cannot, you may need to physically go to the bank.
That’s a fair point. My old bank which was pretty terrible I never installed their app and found the app just loaded a mobile version of their website so I just used that.
Just FYI, rootkit malware does exist for phones
What is that and how does it relate to my issue?
Spyware that roots your phone.
Well how could it do it if I can’t?
A lot of exploits exist to root a phone. Bad apps can abuse those exploits.
There are exploits out there either kept secret by malicious/proprietary parties, or not practical for consumer desires to get a proper rooted experience.
Pretty much the only method to fix it if you’re affected that I can think of is to factory reset your phone with a manufacturer provided image, and even then it’s not 100% guaranteed if the bootloader is compromised.
You don’t actually need an image to root a phone, that’s not what rooting is… It’s just gaining full administrative privileges over the device
Is your system software fully updated?
Are you running a Beta version of the system software?
It’s the latest stable version, it updated a couple of days ago.
That shows a bunch of FAQs, was there a specific one you wanted me to see?
There’s instructions to restore the firmware on the phone.
maybe a stupid question: But doesn’t android sandbox every app? If every app is running in a sandbox, it shouldn’t be too hard to pretend your phone isn’t rooted.
If they check for a specific version number, like @RagingRobot mentioned, it also shouldn’t be a problem. Just set that specific sandbox to return whatever version you want.
I am aware that ‘just configure the sandbox’ is not really an accessible solution. But a sandbox-config-master would be a great app for rooted phones.
Well apparently rooted phones can pretend to apps they’re not rooted. Problem is, my phone isn’t actually rooted.
Turn developer options off.
I use developer options on a regular basis, so that won’t be a permanent solution, but I could test to see if it is that.
Do it, my local government app at least had the decency to explain it was the developer mode being on and not root.
I have too many gripes with banks and how they handle digital interactions.
They’re a bunch of dinosaurs, both in what they support and how they support it. They’re also in a position where they feel like they can do what they want and you just have to suck it up.
And for the most part, they’re right, because all the banks are equally bad. A nontrivial number of the apps are just chrome running in an app window, security is a joke, they make you sign in with your card number which is plainly visible to anyone with eyes that is within a few meters of your card anytime you have it out of your wallet, they restrict your password so you can’t use special characters or have it be long enough to actually provide real security, and they limit your 2FA options to SMS. Everything is terrible.
Even when you go into the bank or use the ATM, access is restricted by a fucking FOUR DIGIT NUMERICAL PIN and if you can even use a longer pin code, they don’t tell you that and most systems assume your pin is four numbers and won’t let you enter any more than that.
God forbid you lose your card, good luck going through the gauntlet of outdated information the bank is going to ask about for you to prove you are who you say you are.
They’re all the fucking same and it infuriates me.
Banking tech is still run on FORTRAN and COBAL. It’s ancient and pretty much can’t be upgraded. Until there’s a major push for new technologies across all banking it’ll keep being this bad
They can create interfaces to buffer our experience with their back end (the COBOL running the actual transactions), which is largely what they’re doing.
The COBOL back end basically just acts as the service that handles the data that represents the money and accounts.
Not having advanced security options, even as simple as complex passwords to allow clients to access their accounts can be managed by the intermediate layer between the COBOL service and the UI, and there shouldn’t be a reason for such limited password length or restrictions on MFA.
The fact that COBOL runs they’re back end doesn’t excuse the terrible front end, especially on applications for mobile devices.
This has been thrown around as reason why things suck so hard, and bluntly, it’s a piss poor excuse if you ask me.
