Warning: com.google.android.gms:play-services-safetynet

[barbarok]

Hello,

I'm having this warning on Google Play Console for my app which uses Android Stripe Terminal Tap To Pay SDK.

play-services-safetynet (com.google.android.gms:play-services-safetynet)”：
The SafetyNet Attestation API is being discontinued and replaced by the new Play Integrity API. 
Begin migration as soon as possible to avoid user disruption. 
The Play Integrity API includes all the integrity signals that SafetyNet Attestation offers and more, 
like Google Play licensing and better error messaging. 
Learn more and start migrating at https://developer.android.com/training/safetynet/deprecation-timeline

Then I noticed in the dependency tree of my app that com.stripe:stripeterminal-localmobile dependency has com.google.android.gms:play-services-safetynet as a transitive dependency which is now deprecated and has been replaced by com.google.android.play:integrity :

Both dependencies are present in version 3.5.0 of localemobile dependency.

See on Maven Website

Do you intend to remove safetynet from localemobile dependency soon ?

Thank you for your answer.

[chr-stripe]

Hi @barbarok, we are in the process of migrating from SafetyNet to the new Play Integrity API throughout the next few releases. Rest assured, we will have removed our dependency on SafetyNet before the full turndown in January 2025.

[sangeeta-myob]

Hi @chr-stripe Is there a timeline for Stripe removing this dependency? Thanks

[chr-stripe]

Yes, this will be removed in our upcoming SDK release.

[sangeeta-myob]

@chr-stripe Thanks for confirming. I saw that the React Native library uses the stripe terminal core SDK for android. Will a new version of the RN library be released at the same time with this fix?

[chr-stripe]

React Native SDK releases will typically trail Android and iOS SDK releases by a few weeks as the changes are implemented and tested.

[chr-stripe]

SafetyNet has been fully removed as a dependency from Tap to Pay in SDK version 4.0.0.