Prompt user to update Google Play services. The SafetyNet Attestation API is available.
Method, as shown in the following code snippet: if (GoogleApiAvailability.getInstance().isGooglePlayServicesAvailable(context)
With the version of the Android SDK you're using, call the To check whether the installed version of Google Play services is compatible The user to update the Google Play services If your app detects that an incorrect version is installed, you should ask Incorrect version is installed, your app might stop responding after calling theĪPI. Version of Google Play services is installed on the user's device. Regardless of your app's API quota, we recommend setting up quota monitoringīefore you use the SafetyNet Attestation API, you must ensure that the correct Keep this behavior in mind when implementing your app's retry If this limit is exceeded, all remaining requests during that Project, individual app instances are throttled to a maximum of 5 requests per Note: Regardless of the quota provisioned for your You can usually expect your request to be handled within 2-3 business
The Androidĭevice Verification API dashboard screen appears. Search for, and select, the Android Device Verification API.To create a key and embed this key, complete the following steps: In order to call the methods of the SafetyNet Attestation API, you must use anĪPI key. Post: 10 things you might be doing wrong when using the SafetyNet SafetyNet Attestation API and in addition to this main documentation, be aware Throughout the initialization, configuration and activation of the Note: Additional documentation and checklist SafetyNet Attestation API, see the SafetyNet API SafetyNet Attestation API protocol Note: To see an Android app that contains a complete implementation of the Server communicates its findings to your app.Ī graphical depiction of this process appears in Figure 1: Figure 1. This server validates the response and uses it for anti-abuse decisions.Your app forwards the signed attestation to your server.The SafetyNet Attestation service returns this signed attestation to your.Google's servers send the signed attestation to the SafetyNet Attestation.Requests a signed attestation of the assessment results from Google's servers. The SafetyNet Attestation service evaluates the runtime environment and.The SafetyNet Attestation API receives a call from your app.The SafetyNet Attestation API uses the following workflow: Purely to check whether the device is rooted, as the API is designed to check.Replace or implement strong DRM checks.Contain signals for app-specific use-cases, such as device identifiers, GPSĮmulation status, and screen lock status.The API offersīoolean values that express different levels of system integrity. Provide fine-grained signals about system modifications.Move allĪnti-abuse decision logic to a server under your control. Have its response interpreted directly in the calling app.
Function when the device isn't connected to the internet.Security and your suite of product-specific Please use it inĬombination with the published best practices for app Act as a stand-alone anti-abuse or app-security mechanism.The API is not designed to fulfill the following use cases: The attestation also contains a generation timestamp and metadata about the The generated attestation is bound to the nonce that the caller app provides. Issues, and comparing it with the reference data for approved Android devices.
In order to create the attestation, the APIĮxamines the device's software and hardware environment, looking for integrity The SafetyNet Attestation API provides a cryptographically-signed attestation,Īssessing the device's integrity. Interacting with your genuine app running on a genuine Android device. Part of your abuse detection system to help determine whether your servers are The SafetyNet Attestation API is an anti-abuse API that allows app developers toĪssess the Android device their app is running on.