1nikolas / play-integrity-checker-app

Get info about your Device Integrity through the Play Integrity API
MIT License
333 stars 47 forks

Google Play Integrity API result UNEVALUATED #12

Closed MANTDEVL closed 1 year ago

MANTDEVL commented 1 year ago

I found an issue where the device passes device integrity at the time of install, but after restarting the device, the device integrity check failed with the following response.

{
  "requestDetails": {
    "requestPackageName": "com.mantra.rdservice",
    "timestampMillis": "1674455009345",
    "nonce": "Y29tLm1hbnRyYS5yZHNlcnZpY2UyMDIzMDEyMzExNTIzMjajHDrnJ9vtl2AfC1fUdEDJmD_HfvFtcpc\u003d"
  },
  "appIntegrity": {
    "appRecognitionVerdict": "UNEVALUATED"
  },
  "deviceIntegrity": {},
  "accountDetails": {
    "appLicensingVerdict": "UNEVALUATED"
  }
}
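An added example, not part of the original thread or the project's code: a server-side check over the decoded verdict posted above, which separates "Play did not evaluate the app" from an explicit failure and reports the empty `deviceIntegrity` object. The function name `assess`, the five-minute freshness window and the three-way decision are assumptions; field names and verdict values follow the Play Integrity verdict format.

```python
import json

# Decoded verdict as posted in the issue above.
ISSUE_VERDICT = json.loads(r'''
{"requestDetails": {"requestPackageName": "com.mantra.rdservice",
  "timestampMillis": "1674455009345",
  "nonce": "Y29tLm1hbnRyYS5yZHNlcnZpY2UyMDIzMDEyMzExNTIzMjajHDrnJ9vtl2AfC1fUdEDJmD_HfvFtcpc\u003d"},
 "appIntegrity": {"appRecognitionVerdict": "UNEVALUATED"},
 "deviceIntegrity": {},
 "accountDetails": {"appLicensingVerdict": "UNEVALUATED"}}
''')

MAX_AGE_MS = 5 * 60 * 1000  # assumed freshness window; tune per application


def assess(verdict, expected_package, expected_nonce, now_ms,
           required_label="MEETS_DEVICE_INTEGRITY"):
    """Return (decision, reasons); decision is 'allow', 'deny' or 'unevaluated'."""
    reasons = []
    req = verdict.get("requestDetails", {})
    if req.get("requestPackageName") != expected_package:
        reasons.append("package name mismatch")
    if req.get("nonce") != expected_nonce:
        reasons.append("nonce mismatch")
    age = now_ms - int(req.get("timestampMillis", 0))
    if not 0 <= age <= MAX_AGE_MS:
        reasons.append("stale or future-dated verdict")
    if reasons:
        return "deny", reasons  # request binding failed; other fields are moot

    # An empty deviceIntegrity object carries no labels at all.
    labels = verdict.get("deviceIntegrity", {}).get("deviceRecognitionVerdict", [])
    app = verdict.get("appIntegrity", {}).get("appRecognitionVerdict", "UNEVALUATED")
    lic = verdict.get("accountDetails", {}).get("appLicensingVerdict", "UNEVALUATED")
    if required_label not in labels:
        reasons.append(f"device labels {labels} lack {required_label}")
    if app == "UNEVALUATED" or lic == "UNEVALUATED":
        # Play did not evaluate the app; this is distinct from UNRECOGNIZED_VERSION.
        reasons.append(f"app={app}, licensing={lic}: not evaluated")
        return "unevaluated", reasons
    if app != "PLAY_RECOGNIZED":
        reasons.append(f"app verdict {app}")
    if lic != "LICENSED":
        reasons.append(f"licensing verdict {lic}")
    return ("deny" if reasons else "allow"), reasons
```

Logging the `reasons` list alongside the decision makes a device that flips from passing to `unevaluated` after a reboot visible in server logs.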

1nikolas commented 1 year ago

Maybe it is a custom ROM issue? The app has to be "licensed" from the Play Store in order for this to work, unless you do the test keys thing from the Play Console.

1nikolas commented 1 year ago

From Google's documentation

[Screenshot of the documentation]

MANTDEVL commented 1 year ago

My app is in production and I completed all the steps of integration on the Play Console. It works well at install time, but in my scenario it fails after a restart with the response given in the question. I knew it could happen for the reason mentioned for UNEVALUATED, but if it passes device integrity one time, it should come up with the same result every time until device integrity managed.

1nikolas commented 1 year ago

Working only the first time sounds like a problem on Google's end related to the device's software (GMS, Play Store, etc.), not the app's code.

vindicatorr commented 1 year ago

I had this kind of working last month with an AOSP(13)+GMS GSI ROM (on phone2).

Today, I went to buy something and wanted to pay via NFC, but that failed (phone1 (LOS-20(13))). That made me look into it and I started with phone2.

I had the first 2 checks passed, then I started doing some troubleshooting steps like clearing the data/cache of play-store/services and rebooting, but now NONE of the checks are passing, yet YASNAC is passing everything and I successfully added a card to google-wallet/pay.

Like OP, I too am getting "UNEVALUATED", and logcat is showing:

07-12 23:59:35.871  5740  5740 I PlayCore: UID: [10114]  PID: [5740] IntegrityService : requestIntegrityToken(IntegrityTokenRequest{nonce=<sanitized>, cloudProjectNumber=null})
07-12 23:59:35.872  5740  5832 I PlayCore: UID: [10114]  PID: [5740] IntegrityService : Initiate binding to the service.
07-12 23:59:35.882  5740  5740 I PlayCore: UID: [10114]  PID: [5740] IntegrityService : ServiceConnectionImpl.onServiceConnected(ComponentInfo{com.android.vending/com.google.android.finsky.integrityservice.IntegrityService})
07-12 23:59:35.882  5740  5832 I PlayCore: UID: [10114]  PID: [5740] IntegrityService : linkToDeath
07-12 23:59:35.895  3866  3904 W PermCheckPreProcessor: API 25 requires missing permission groups: [android.permission-group.PHONE]
07-12 23:59:36.123  3545  3839 I Finsky  : [54] kew.b(286): requestIntegrityToken() finished for gr.nikolasspyr.integritycheck.
07-12 23:59:36.124  5740  5757 I PlayCore: UID: [10114]  PID: [5740] OnRequestIntegrityTokenCallback : onRequestIntegrityToken
07-12 23:59:36.125  5740  5832 I PlayCore: UID: [10114]  PID: [5740] IntegrityService : Unbind from service.

On phone1, I get the first 2 checks passed, and YASNAC passes everything. I also don't get that PermCheckPreProcessor warning. However, trying to add that same card to pay/wallet fails.

Some weird stuff is going on though... Going to Play Store "App info"->"App details" fails (both phones), and now trying to install an update (webview) also fails (phone1).

This may just need to be posted in XDA instead, but I thought that API 25 part may be relevant (not sure why though).

EDIT0: Odd, phone2 just updated webview now. "App details" still fails though "Something went wrong".

1nikolas commented 1 year ago

@vindicatorr first of all, don't compare Integrity API results with SafetyNet results. These are 2 different APIs and SafetyNet is easier to bypass. The Integrity API can be bypassed with this module https://github.com/Displax/safetynet-fix and Google Pay works. If it doesn't, open an issue there.