Google Pay 2.94 hints at a built-in SafetyNet checker and prepares for Pixel 4 face authentication

-

This week, Google once again defied expectations by confirming two major features of its upcoming Pixel 4 smartphones: Soli radar gestures and face unlock. Google says the upcoming Pixel’s facial biometrics will be secure enough for mobile payments, and sure enough, the latest version of the Google Pay app hints at support for authenticating payments with your face. Version 2.94 of the app also prepares to add a built-in SafetyNet checker, a tool which will alert the user if their phone cannot be used for payments because it fails attestation.

An APK teardown can often predict features that may arrive in a future update of an application, but it is possible that any of the features we mention here may not make it in a future release. This is because these features are currently unimplemented in the live build and may be pulled at any time by Google in a future build.

Verify SafetyNet Attestation Before Purchases

In order to use Google Pay on Android, your phone must pass several checks employed by the SafetyNet Attestation API in Google Play Services. These checks can include checking the bootloader unlock status, checking for the presence of root binaries, checking for evidence of system-level tampering, etc. For users who root their phones, the only way to use Google Pay is to hide all traces of system tampering. Installing Magisk enables systemless root and using MagiskHide also prevents Google Pay from detecting other evidence of tampering, but you can’t tell if your effort to hide root from Google Pay is successful until you actually try to make a payment. Rather than finding out at the counter, you’ll eventually be able to check whether your phone can make payments before you need to make a purchase.

<string name="attestation_notification_body">Check if your device meets software standards</string>
<string name="attestation_notification_title">Your phone is no longer ready for contactless payments</string>
<string name="fails_attestation_body">"Your phone can’t make contactless payments as it isn't passing security checks. Your phone may be rooted, or running uncertified or custom software. You can still use Google Pay to pay online and send money to friends."</string>
<string name="fails_attestation_title">Your phone doesn’t meet software standards</string>
<string name="passes_attestation_title">Your phone is ready to make contactless payments</string>

Face Authentication for Purchases

As expected, Google is updating its payment app to support new biometric authentication methods. The app currently allows you to authenticate payments using your fingerprint, but it’ll eventually let you use your face if your device supports secure face unlock like the Google Pixel 4.

<string name="p2p_fingerprint_switch_description">Require a confirmation</string>
<string name="p2p_fingerprint_switch_description_alt">Use biometric authentication, like your face or fingerprint, instead of PIN</string>

Google Pay 2.94 is rolling out on the Google Play Store. You can download the app from the Play Store or APKMirror.

Thanks to PNF Software for providing us a license to use JEB Decompiler, a professional-grade reverse engineering tool for Android applications.

The post Google Pay 2.94 hints at a built-in SafetyNet checker and prepares for Pixel 4 face authentication appeared first on xda-developers.



Comments

Post a Comment

Popular posts from this blog

Honor 20 Pro is Now Available in 14 Countries

-
Image
The Honor 20 was off to a really rocky start with the controversial U.S.A. ban on HUAWEI. While the future of the phone was initially unclear, the planned launch of the phone is now in full swing. As this phone’s complicated launch slowly starts to be available around the world, here are all the places where you can get an Honor 20 Pro.   Country Availability Date Selling Channel Russia 2019/8/2 DNS . MTS, GB 2019/8/1 Amazon.uk , CPW , o2, H3G France 2019/8/22 Amazon, Boulanger, Cdiscount, Darty, FREE, Fnac. Orange, SFR. Offline [HONOR Shop Paris & Lyon] German 2019/7/21 MSD, 1&1 mobile, Amazon , Mediamarket/ phonehouse Netherlands 2019/7/31 bol.com , Belsimpel Czechia 2019/8/15 Alza Finland 2019/8/13 ELsia DNa Poland 2019/8/8 RTV EURO AGD , X-Kom Malaysia 2019/8/15 HiHonor , Shopee . Offline [all HONOR stores in Malaysia] Saudi Arabia 2019/7/31 Pre-sell 2019/8/6 First day sale HiHonor Egypt 2019/7/29 Pre-sell
Read more

Behind Dynamic System Updates in Android Q: How Google is using Project Treble to improve future Android releases

-
Image
Alongside the release of Android 8.0 Oreo, Google unveiled Project Treble : a major rearchitecting in the way the Android OS framework and the vendor HALs and Linux kernel communicate. Treble is a major initiative designed to reduce Android platform version and security patch fragmentation , and all Android-branded devices launching with Android Pie are required to support Project Treble. OEMs and vendors test Treble compatibility by booting a Generic System Image (GSI)—a pure stock build of Android from AOSP—and passing the Vendor Test Suite (VTS) and Compatibility Test Suite-on-Generic System Image (CTS-on-GSI). The GSI has proven useful in not only allowing software engineers working for OEMs test Treble compatibility, but it has also opened the door for a large custom ROM community on XDA. For the Android Q release, Google wants to make GSIs useful for another group: app developers. Since the first stable release and source code drop of any given Android platform release usual
Read more

OnePlus 8T goes on sale in the US

-
Image
The OnePlus 8T announced last week is now available for purchase in the US through OnePlus' online store with two color options - Lunar Silver and Aquamarine Green. It's priced at $749 and comes with 12GB RAM and 256GB storage. There's also an 8T+ 5G for T-Mobile priced the same, which comes with an IP68 rating while sharing the rest of the specs with the regular 8T. The OnePlus 8T is built around a 6.55" FullHD+ 120Hz Always-on AMOLED display that has a fingerprint reader underneath for biometric authentication. It's powered by the Snapdragon 865 SoC and runs Android 11-based OxygenOS 11...
Read more