I ran the latest RUU to update my US unlocked HTC 10 to 2.41.617.3. I was hoping that it would fix it so I could pass the SafetyNet but even right after a wipe, data format, clean install and no root, the safetycheck test still comes back with CTS profile match: false. Am I doing something wrong here?
ray985 said:
I ran the latest RUU to update my US unlocked HTC 10 to 2.41.617.3. I was hoping that it would fix it so I could pass the SafetyNet but even right after a wipe, data format, clean install and no root, the safetycheck test still comes back with CTS profile match: false. Am I doing something wrong here?
Click to expand...
Click to collapse
The only other thing I can think of that would trip it is an unlocked bootloader.
Other than that, SN would **** up.
My advice is to just install Magisk and enable Magisk hide to pass SafetyNet.
Ariac Konrel said:
The only other thing I can think of that would trip it is an unlocked bootloader.
Other than that, SN would **** up.
My advice is to just install Magisk and enable Magisk hide to pass SafetyNet.
Click to expand...
Click to collapse
Thanks. I tried using Magisk and Magisk hide but unfortunately they don't work at bypass SafetyNet either for me.
ray985 said:
Thanks. I tried using Magisk and Magisk hide but unfortunately they don't work at bypass SafetyNet either for me.
Click to expand...
Click to collapse
If your bootloader is unlocked, it will fail. Install any of the current custom kernels on the forum, they all have the bootloader fix to allow it to pass safetynet. You may even be able to relock your bootloader via sunshine.
ray985 said:
Thanks. I tried using Magisk and Magisk hide but unfortunately they don't work at bypass SafetyNet either for me.
Click to expand...
Click to collapse
aer0zer0 said:
If your bootloader is unlocked, it will fail. Install any of the current custom kernels on the forum, they all have the bootloader fix to allow it to pass safetynet. You may even be able to relock your bootloader via sunshine.
Click to expand...
Click to collapse
That's what I did on my WWE variant. I bought and ran SunShine to set my device S-OFF/locked. Since then it passes SafetyNet on my end.
As it's behaviour is the same as S-OFF/unlocked it even comes in handy as soon as one's going to sell it. In such case one could easily RUU back to stock an set the secureflag back to S-ON afterwards. Renders the device in a state that's looking like you never touched it at all.
Sent from my htc_pmeuhl using XDA Labs
5m4r7ph0n36uru said:
That's what I did on my WWE variant. I bought and ran SunShine to set my device S-OFF/locked. Since then it passes SafetyNet on my end.
As it's behaviour is the same as S-OFF/unlocked it even comes in handy as soon as one's going to sell it. In such case one could easily RUU back to stock an set the secureflag back to S-ON afterwards. Renders the device in a state that's looking like you never touched it at all.
Sent from my htc_pmeuhl using XDA Labs
Click to expand...
Click to collapse
i was one of the first to mail in, so mine is set to unlocked on vzw by default. I haven't had any need to change it though.
aer0zer0 said:
If your bootloader is unlocked, it will fail. Install any of the current custom kernels on the forum, they all have the bootloader fix to allow it to pass safetynet. You may even be able to relock your bootloader via sunshine.
Click to expand...
Click to collapse
Thanks, I'll play around with some of the custom kernels and see if that fixes it.
Related
Hi just wanna ask if I should be concerned on this. After the nougat update, Device Certification under the settings menu of the Playstore app says my device is Uncertified. I'm not sure if this is the same prior update but I read somewhere else that others only had this after the update. Is there a way to solve this? My current firmware version is 2.41.401.3.
Ms_Trishlee said:
Hi just wanna ask if I should be concerned on this. After the nougat update, Device Certification under the settings menu of the Playstore app says my device is Uncertified. I'm not sure if this is the same prior update but I read somewhere else that others only had this after the update. Is there a way to solve this? My current firmware version is 2.41.401.3.
Click to expand...
Click to collapse
Nothing to worry about from what I've read.
I'm assuming you're bootloader unlocked and rooted?
Using Magisk hide + clearing playstore cache I heard may fix it.
I also think I read if you don't pass safety net is good indicator you'll show as uncertified.
andybones said:
Nothing to worry about from what I've read.
I'm assuming you're bootloader unlocked and rooted?
Using Magisk hide + clearing playstore cache I heard may fix it.
I also think I read if you don't pass safety net is good indicator you'll show as uncertified.
Click to expand...
Click to collapse
Everything is stock and it has never been rooted, aside from bootloader is currently unlocked. That's why i'm confused why it shows Uncertified device.
Ms_Trishlee said:
Everything is stock and it has never been rooted, aside from bootloader is currently unlocked. That's why i'm confused why it shows Uncertified device.
Click to expand...
Click to collapse
Im thinking bootloader being unlocked possibly just from what I've read someplace. Try locking it to see if it changes to certified.
I had the same problem, using sunshine again I locked the bootloader leaving the device s-off. I had to wipe data and running Marshmallow at the time. Message went away. John
johnc0865 said:
I had the same problem, using sunshine again I locked the bootloader leaving the device s-off. I had to wipe data and running Marshmallow at the time. Message went away. John
Click to expand...
Click to collapse
im having the same issue of not certified in playstore in my s8 plus too, no root, nothing, stock
I recently ran into a lot of problems due to the fact vr 12 of magisk and the new update to safetynet. I have read that tbe developer of magisk realeased a new version to pass checks. I need to pass as I am an Uber user and in default need Android pay.
I have since tried to go back to stock but ran into problems regarding unlocking my bootloader, currently I am completely stock although my bootloader is unlocked and I can't pass the safetynet check with the new parameters.
I NEED to pass safety net on this device, I don't know what to do, when I lock my bootloader I'm unable to sideload the ROM, with the device unlocked I fail safetynet, will the latest version of magisk work (v13b) with an unlocked bootloader, as my device was soft bricked for 3 days after I locked the bootloader.
Thank you in an advance for any insight on this. Currently I am on stock recovery and unrooted but it seams with the unlocked bootloader I am unable to pass safety net thus unable to use Android pay and subsequently unable to book rides with Uber/Lyft.
Thanks in advance for your help
Sorry I forgot to say I'm running stock recovery and ROM only my bootloader is unlocked, I tried to lock it but adb would not sideload the stock ROM after locking the bootloader. Right now i an as stock as I can be ****
Without a locked bootloader, I don't care if my device is rooted or not I just want to pass the safety net check, I'm failing CTS mismatch, I don't know why after factory resetting my device, why google is doing this IDK I just need to get my device working 100 percent, rooted or not at this point I don't care.
Thank you for your future reply and thank you again if you have helped me before, this is a nightmare, why google is doing this Idk but I funny believe it's in anyone's best interest except possibly but business.
Quick google search for magisk beta version 13. His newest beta passes safetynet, and i believe he claims its easy to fix in the future as well
I believe you need a custom kernel that bypasses the Safety Net boot-loader check.
If you want to completely go back to stock (and pass safety net) follow this guide: https://forums.oneplus.net/threads/...-3-3t-and-go-back-completely-to-stock.456232/
Magisk 13 BETA or wait for stable.
I previously tried to go completely to stock but ran into problems after locking the bootloader,
https://forum.xda-developers.com/oneplus-3/help/tried-to-to-stock-adb-error-read-file-t3621902
As I would be fine with that, I prefer using magisk so I suppose I'll go with that,
What kernel is recommended? I was thinking blu-spark or franko as afaik they work?
After I lock my bootloader I ran into problems, adb would recognize my device along with fastboot although, it would not side load the ROM, so I guess my only option is magisk, I just need to find,
Correct kernel, best version of TWRP recovery (I used to have blu-spark, with franko kernel, this time I think I'm going to go buy with blu-spark)
I appreciate your help, although whatever works is what I'll do, IDK why I can't go back to stock, I've done it before so IDK what has changed, I just need to find the latest version 13 beta of magisk.
Currently im fully stock except for unlocked bootloader and I get the CTS mismatch error on safety net, (these safety net crap is annoying)
I am using Magisk v13 and it is completely free of bugs.
lebeatnik said:
I previously tried to go completely to stock but ran into problems after locking the bootloader,
https://forum.xda-developers.com/oneplus-3/help/tried-to-to-stock-adb-error-read-file-t3621902
As I would be fine with that, I prefer using magisk so I suppose I'll go with that,
What kernel is recommended? I was thinking blu-spark or franko as afaik they work?
After I lock my bootloader I ran into problems, adb would recognize my device along with fastboot although, it would not side load the ROM, so I guess my only option is magisk, I just need to find,
Correct kernel, best version of TWRP recovery (I used to have blu-spark, with franko kernel, this time I think I'm going to go buy with blu-spark)
I appreciate your help, although whatever works is what I'll do, IDK why I can't go back to stock, I've done it before so IDK what has changed, I just need to find the latest version 13 beta of magisk.
Currently im fully stock except for unlocked bootloader and I get the CTS mismatch error on safety net, (these safety net crap is annoying)
Click to expand...
Click to collapse
Hello everyone,
So I will get the Mi A2 lite on Tuesday 64GB/4GB RAM version.
I was wondering if the bootloader will stay unlocked after OTA update.
Also I read on reddit that the latest OTA (January) can possibly brick the device
https://www.reddit.com/r/Xiaomi/comments/ajoh56/psaupdate_bug_do_not_update_to_latest_january
Thanks in advance.
The bootloader only relocks if you wish to do that on your own by either fastboot command or MiFlash with relock selected.
I updated my mi a2 lite while bootloader is unlocked and nothing happened
thorin0815 said:
The bootloader only relocks if you wish to do that on your own by either fastboot command or MiFlash with relock selected.
Click to expand...
Click to collapse
So if the first thing I do is unlock the bootloader I'm pretty much safe...
grish said:
So if the first thing I do is unlock the bootloader I'm pretty much safe...
Click to expand...
Click to collapse
Unlocking/locking is pretty easy on this device, but beware that when you unlock/lock your bootloader phone will erase all data on board. There is a way to bypass that erase too though. So you can do pretty much everything with no serious consequences.
marstonpear said:
Unlocking/locking is pretty easy on this device, but beware that when you unlock/lock your bootloader phone will erase all data on board. There is a way to bypass that erase too though. So you can do pretty much everything with no serious consequences.
Click to expand...
Click to collapse
So there's basically nothing that can go wrong when I unlock the bootloader via fastboot/adb after first boot?
Nope, but your device will be classified as uncertified device inside Playstore, which could be a problem with apps like Netflix or banking stuff.
After the unlocking you could root your device with Magisk to pass Safety.Net, but this could be problematic with OTA's again.
thorin0815 said:
Nope, but your device will be classified as uncertified device inside Playstore, which could be a problem with apps like Netflix or banking stuff.
After the unlocking you could root your device with Magisk to pass Safety.Net, but this could be problematic with OTA's again.
Click to expand...
Click to collapse
Thought that only happens when you use a different system image or modify the partitions. Guess I'll wait a bit then.
grish said:
Thought that only happens when you use a different system image or modify the partitions. Guess I'll wait a bit then.
Click to expand...
Click to collapse
I used Magisk and only Magisk systemless modules, but after I updated from 10.0.2.0 to 10.0.3.0 via OTA my device started to bootloop. Even though I did uninstall Magisk and reinstall after the OTA the right way like I did all the times before.
For the moment I just stay with an unlocked bootloader but without root. I miss Viper4Android, but it's not worth the hassle. I'm using my older Moto G4 as my Spotify player now.
Edit: I just remembered that it happened at the update from Oreo to Pie aswell.
thorin0815 said:
I used Magisk and only Magisk systemless modules, but after I updated from 10.0.2.0 to 10.0.3.0 via OTA my device started to bootloop. Even though I did uninstall Magisk and reinstall after the OTA the right way like I did all the times before.
For the moment I just stay with an unlocked bootloader but without root. I miss Viper4Android, but it's not worth the hassle. I'm using my older Moto G4 as my Spotify player now.
Edit: I just remembered that it happened at the update from Oreo to Pie aswell.
Click to expand...
Click to collapse
The loop, you mean?
Can you use netflix with unlocked bl?
grish said:
The loop, you mean?
Click to expand...
Click to collapse
Yup!
Can you use netflix with unlocked bl?
Click to expand...
Click to collapse
You won't find the Netflix app inside the Play Store when your bootloader is unlocked (Safety.Net fails), but you can download it for example from APKMirror.
https://www.apkmirror.com/?post_type=app_release&searchtype=apk&s=netflix
Edit: Just tested it with the latest beta version and it worked without problems.
thorin0815 said:
Yup!
You won't find the Netflix app inside the Play Store when your bootloader is unlocked (Safety.Net fails), but you can download it for example from APKMirror.
https://www.apkmirror.com/?post_type=app_release&searchtype=apk&s=netflix
Edit: Just tested it with the latest beta version and it worked without problems.
Click to expand...
Click to collapse
Thanks a lot.
Do you think the bootloop was because of magisk when going from oreo to pie?
grish said:
Thanks a lot.
Do you think the bootloop was because of magisk when going from oreo to pie?
Click to expand...
Click to collapse
Well, I don't know any other reason, because I haven't touched the system partitions at all.
thorin0815 said:
Well, I don't know any other reason, because I haven't touched the system partitions at all.
Click to expand...
Click to collapse
Unlocking the bootloader on oreo can't be the issue?
grish said:
Unlocking the bootloader on oreo can't be the issue?
Click to expand...
Click to collapse
I don't think the unlocked bootloader was the reason. Never experienced problems with OTA's on all my devices just because of an unlocked bootloader.
With Magisk 17.3 I could install OTAs without a problem, but since Magisk has been updated to 18.0, OTAs don't work anymore. I have to unroot, flash stock, update then recover all the data then root again. It's a pain in the a** to do that everytime so I'm sticking with stock and locked bootloader for now. Also bootloop issues were reported on Mi A2 devices, not Lite AFAIK.
For me problems started with Pie, with Oreo I never faced problems with Magisk and OTA updates. Magisk 18.0 worked just fine for me with Oreo.
Hi there,
It might be a dumb question, but im kinda clueless.
I have my device not rooted and the SavetyNet-Check of Magisk says ctsProfile: false.
My bootloader is unlocked since the beginning. Could that be the reason for it? And if so how could I avoid it? Rooting or Relocking the bootloader?
Background:
Because I experience problems with a couple of banking apps that they dont start/crash on startup and one of them saying it might be of having my device rooted.
So thats why I thought maybe SafetyNet Check is not good and checked it and figured out one check is not passing.
wsjoke said:
Some kernels lack the feature needed to pass cts without magisk installed you can either
1. install magisk to pass CTS
2. Use a kernel that has the patch (loki and my own kernel "chunchunmaru" should have it but both are for Q only as off now)
Click to expand...
Click to collapse
First, in what rom you are? Why u install magisk manager if u don't have root? What apps don't open? We aren't magicians or clairvoyants, please always mention more details
wsjoke said:
Hi there,
It might be a dumb question, but im kinda clueless.
I have my device not rooted and the SavetyNet-Check of Magisk says ctsProfile: false.
My bootloader is unlocked since the beginning. Could that be the reason for it? And if so how could I avoid it? Rooting or Relocking the bootloader?
Background:
Because I experience problems with a couple of banking apps that they dont start/crash on startup and one of them saying it might be of having my device rooted.
So thats why I thought maybe SafetyNet Check is not good and checked it and figured out one check is not passing.
Click to expand...
Click to collapse
I assume that you are from stock. It is the problem from Mi A2 Lite's device fingerprint that somehow it is not certified. Probably for reasons:
1. Magisk manager is present
2. Unlocked bootloader
3. Usually, it will pass when fingerprint has the same value from 10.0.1.0. After that, it fails for no reason. One theory suggests it might have to do with vulnerabilities present from our device (the System Toolkit app, when you dial *#*#64663#*#*), thus revoking certification from Play Store.
If you're on custom ROM, that would be it, except from POSP that has passed CTS. Also it could be the GApps you are using.
Os_Herdz said:
First, in what rom you are? Why u install magisk manager if u don't have root? What apps don't open? We aren't magicians or clairvoyants, please always mention more details
Click to expand...
Click to collapse
Stock rom, I previously had my phone rooted, thats why I still have installed magisk.
Various Banking Apps doesnt work as intended. For example https://play.google.com/store/apps/details?id=de.commerzbanking.mobil&hl=de cant unlock with fingerprint anymore. https://play.google.com/store/apps/details?id=com.starfinanz.mobile.android.dkbpushtan&hl=de doesnt open at all and opens a website which says a rooted phone could cause this issue.
Hi there.
I have an unrooted realme 6 pro. 2 days ago I tried to use Google pay and it did not work. It said that "You can´t pay contactless using this device. It may be rooted or running uncertified software.
I went to google play and I saw that my device is certified. After running some SafetyNet checks it says that CTS profile match failed. evakuation type: BASIC HARDWARE_BACKED. And then after reading some blogs I saw that on Google Play my netflix isn´t supported on my device although I have already installed it.
Any help or advice?
Thanks
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
V0latyle said:
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
Click to expand...
Click to collapse
I have also checked that. It has always been locked. I do not know if the problem is caused due to the new android update since is now running on android 11. Plus I dont want to root my phone
V0latyle said:
Is your bootloader unlocked?
There's only 2 reliable ways to pass SafetyNet including CTS. The first is a completely stock device running pure OEM firmware with a locked bootloader.
The second is with Magisk, using DenyList and 2 modules: Universal SafetyNet Fix and MagiskHide Props Config.
A stock ROM on an unlocked bootloader will fail.
A custom ROM on a locked bootloader will fail.
Click to expand...
Click to collapse
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
JhinCuatro said:
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
Click to expand...
Click to collapse
But that's the thing. I don't have a custom from. I did not root my phone. The only thing I did is to open the developer options. The bootloader was always locked. That started happening after the update to android 11. I sent my phone to the customer service now but I do not think they will do anything.
JhinCuatro said:
... You cannot have custom rom on unlocked bootloader LOL. Just saying. Unless a device is ancient, back in the days where you could run custom roms without unlocked bootloader.
Click to expand...
Click to collapse
You can, you just have to set a custom root of trust. See Android Boot Flow
V0latyle said:
You can, you just have to set a custom root of trust. See Android Boot Flow
Click to expand...
Click to collapse
Oops I misstated. I meant custom rom on locked bootloader**.
manu3732 said:
But that's the thing. I don't have a custom from. I did not root my phone. The only thing I did is to open the developer options. The bootloader was always locked. That started happening after the update to android 11. I sent my phone to the customer service now but I do not think they will do anything.
Click to expand...
Click to collapse
Same problem with my OnePlus Nord.
oOEDGUYOo said:
Same problem with my OnePlus Nord.
Click to expand...
Click to collapse
Did you find any fix yet... Am having the same issue
happy619 said:
Did you find any fix yet... Am having the same issue
Click to expand...
Click to collapse
I ended up installing the Pixel Experience rom. It was the only way to fix it
oOEDGUYOo said:
I ended up installing the Pixel Experience rom. It was the only way to fix it
Click to expand...
Click to collapse
I have been on custom ROMs for over 6 months on nord ... Some have bad update cycles .. Some are unstable and many more issues although my Device was certified
I have the same problem, bootloader is normally unlocked and I have Universal SafetyNet Fix and MagiskHide Props Config installed, using lineage 18.1 on my redmi 9 pro device
I have flashed both ...( Magisk hide prop conf & universal safety net )
But still "CTS failed, can somebody help me please....
I have this problem too. Any solutions ? I tried magisk with prop conf and safety net-fix and still have cts failed...
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Mrlama112 said:
The rest ? What you mean ? Cause i have problem with CTS failed and im desperatly looking for solution
Click to expand...
Click to collapse
The regular instructions:
Magisk with zygisk , hide app , configure deny list and then as i said in the previous post
Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
Thank you! Worked like a charm! IDK why my CTS Profile suddenly started failing, but this seemed to have fixed it.
Oshvitzon said:
Finally success
of course magisk with deny list setup and the rest
1. remove universal safety fix
2. reboot
3. install displax fork mod 3.0 here
4. reboot
5. clear cache from google wallet
Click to expand...
Click to collapse
Thanks so much it worked well. Am I able to update the Google Wallet without it affecting the mod 3.0?