UBS Access & UBS Mobile Banking can detect root despite Magisk Hide

[robertototaro]

Hello,

Two e-banking apps by UBS (UBS Access & UBS Mobile Banking) can now detect root in spite of Magisk Hide (even with the latest Canary release). Both apps used to work till a recent update, but now they detect root as soon as they are started.

I tried the following:

• Enable Magisk Hide
• The above plus Hide Magisk Manager (with a neutral name - my son's name)
• Enable Magisk Hide and completely remove Magisk Manager
• All the above plus removing everything that needs root
• All the above plus disabling USB debugging & developer options

It goes without saying that I have no Magisk related files laying around in the filesystem. Also, after every test I completely cleared the e-banking apps storage.

I tried this on two phones (1+ 6 and 6T) running OOS 10.0.1 stock (apart from unlocked bootloader and Magisk). Both phones pass SafetyNet, are listed as certified in Google Play and no other app I have (e.g. other e-banking apps) can detect root.

The only way to use these apps is completely removing Magisk from the phone.

[topjohnwu]

1152

[letic]

Hey @robertototaro,

I had the same issue. In order to make it work you need to go into Magisk's options and choose to rename Magisk package name. Once this is done you will be able to run UBS Access.

Hope this help Take care LeTic

[robertototaro]

Hi LeTic,

Which version of Magisk, Magisk Manager and of the UBS app are you using? Hiding the Magisk Manager used to work till a couple of months ago, but then an update of the UBS Access app broke it again.

Regards, Roberto

[letic]

Latest version. I just setup Magisk today.

Magisk 7.5.2-1e2de1bb(272) Magisk 20.4-0dc9f5c3

Magisk is renamed to "Manager" in the app and its package name is a random hash.

UBS Access 3.7.9.3

I just tried restoring Magisk to its original package name and UBS Access stopped working but after rechanging it, it worked like a charm again.

[robertototaro]

Thanks. I'm using Magisk Manager 7.5.1 + Magisk 20.3. I'll try switching to the Canary channel.

[Tomblarom]

I was able to bring UBS Access to work. It worked for a while, but suddenly detected root. I'm using Magisk Manager 7.5.1 and Magisk 20.3, Android 9 (lineage_polaris 190405.003885f5c804a)

Do the following steps:

• Remove UBS Access & Banking (have your Access Card + Reader on hand)
• Magisk Manager > Settings > Repack > name something like "Settings"
• Ensure you're passing SafetyNet (otherwise try modules like PetNoires SafetySpoofer)
• Install UBS Access (don't launch it!!)
• Magisk Manager > Hide > select UBS Access
• reboot (optional)
• Launch UBS App and enjoy!

[imr0]

I'd like to add that Magisk Hide was working for me as described above until today's update to UBS Access App version 3.7.11.0. Now the app is detecting root. :/ This method still works with version 3.7.9.3 though.

My config: → LineageOS 17.1 April 28th build for OG Pixel (sailfish) → Magisk 2.04 with MagiskManager 7.5.1 with Magisk Hide enabled for UBS Access App → SafetyNet passed via MagiskHide Props Config module

[letic]

Same here. I had to downgrade to 3.7.9.3.

On 28/04/2020 19:52, imr0 wrote:

I'd like to add that Magisk Hide was working for me as described above until today's update to UBS Access App version 3.7.11.0. Now the app is detecting root. :/

My config: → LineageOS 17.1 April 28th build for OG Pixel (sailfish) → Magisk 2.04 with MagiskManager 7.5.1 with Magisk Hide enabled for UBS Access App → SafetyNet passed via MagiskHide Props Config module

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/topjohnwu/Magisk/issues/2163#issuecomment-620760304, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADFEE5MZED3UIBOVBGRACDRO4JVXANCNFSM4J4LTXKA.

[VV-Cephai]

How did you downgrade?

[letic]

Unfortunately it is not possible to downgrade through adb for application that do not have the debug flag. So you have to uninstall it and re-install the apk downloaded from any apk mirror through adb install.

On 30/04/2020 17:36, VV-Cephai wrote:

How did you downgrade?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/topjohnwu/Magisk/issues/2163#issuecomment-621931214, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADFEE7BZ7WKOOLXPK5IEFTRPGLHPANCNFSM4J4LTXKA.

[seemebreakthis]

As of this morning 3.7.9.3 is starting to force you to upgrade to their latest version. So I think we are back to square one.

I believe (I haven't tried myself) one way to successfully bypass the check, albeit very inconvenient, is to delete magisk manager then run UBS Access. Anecdotal observation suggests it checks for the presence of Magisk Manager only. The latest version must have been updated to detect the new Magisk Manager so when it gets deleted (after you have added UBS Access to Magisk Hide), UBS Access will run. Then it is a matter of reinstalling MM afterwards.... (and do this each you you need to run UBS Access).

[Raptor039]

Tested what you have suggested and it's not working unfortunatly...

I don't understand why a bank like UBS is spending lot of money into R&D to stop us using their 2FA crappy app... I mean, it's a privacy violation that a third party scans or looks for which types of apps are installed on our device!

[letic]

@topjohnwu I will open a new issue to track this recurring issue but what do we need to provide you to be able to debug it ?

Can we run something similar to strace to check what the app is trying to access and see how it detects the root ?

Thanks in advance

[seemebreakthis]

@letic hello if there is a new issue for this, I'd like to get a link to it so I could track progress.

I discovered recently about isolation apps so I treid "Island" but while it works for another backing app I have, there must be something "UBS Access" can detect even in the work profile environment, as the app still crashes even inside the island.

[letic]

Well I solved my issue by changing bank :) Sorry guys.

On 12/08/2020 13:18, seemebreakthis wrote:

@letic https://github.com/letic hello if there is a new issue for this, I'd like to get a link to it so I could track progress.

I discovered recently about isolation apps so I treid "Island" but while it works for another backing app I have, there must be something "UBS Access" can detect even in the work profile environment, as the app still crashes even inside the island.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/topjohnwu/Magisk/issues/2163#issuecomment-672811088, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADFEE5ULQC3YMCLEO3ISN3SAJ265ANCNFSM4J4LTXKA.

[alain57]

someone managed to fix that ? Of course changing the bank is one way of fixing this.

I really hate it when banks add such limitation, this is crazy They are not fobiding us to use their banking when you're the admin of your computer, so why do this one phones :/ That they make a warning appear saying that a rooted device can be dangerous as a virus could steal the informations ok why not (did they scan the PC to know if you have an anti virus ?!? no so why do this kind of joke on mobile a mobile I own !) But forbidding the app of launching ...........

[Raptor039]

someone managed to fix that ? Of course changing the bank is one way of fixing this.

I really hate it when banks add such limitation, this is crazy They are not fobiding us to use their banking when you're the admin of your computer, so why do this one phones :/ That they make a warning appear saying that a rooted device can be dangerous as a virus could steal the informations ok why not (did they scan the PC to know if you have an anti virus ?!? no so why do this kind of joke on mobile a mobile I own !) But forbidding the app of launching ...........

Unfortunately not... I ended up to remove this shitty app from my phone. I'm keeping it on my iPad when needed, to do some transfers for instance. Changing bank, like you, isn't a solution for me.

[Biganon]

Tried today, Magisk 22, MagiskHide (both UBS packages listed under the UBS Access app), Universal SafetyNet Fix 1.1.0, even changed my device's fingerprint, to no avail. Still can't use the goshdarned app.

[QkiZMR]

Tried today, Magisk 22, MagiskHide (both UBS packages listed under the UBS Access app), Universal SafetyNet Fix 1.1.0, even changed my device's fingerprint, to no avail. Still can't use the goshdarned app.

did you clear google services and google play data then reboot?

[pmatuszy]

Tried today, Magisk 22, MagiskHide (both UBS packages listed under the UBS Access app), Universal SafetyNet Fix 1.1.0, even changed my device's fingerprint, to no avail. Still can't use the goshdarned app.

did you clear google services and google play data then reboot?

the same for me :-(

[QkiZMR]

I tried to test these apps in my working environment. Access is keep crashing all the time. Banking app works ok but I don't have an account on UBS so I cant pass register screen. But the application is not complaining on root. My config: Moto Z3 Play, Android 9, Magisk 21.4, Magisk Manager 22.0 (hide), Riru Core 25.3.3, EdXposed 0.5.1.4 (SandHook), Universal SafetyNet fix 1.1.1, and few others, not related modules. SafetyNet green, I see Netflix in Google Play and I can pay by phone in shops.

[MauriceCalvert]

Go to Apps -> Long-click Banking (UBS) -> Force Stop Storage -> Clear Data Restart Banking, you'll have to go through the full sign-in

[seemebreakthis]

I tried to test these apps in my working environment. Access is keep crashing all the time. Banking app works ok but I don't have an account on UBS so I cant pass register screen. But the application is not complaining on root. My config: Moto Z3 Play, Android 9, Magisk 21.4, Magisk Manager 22.0 (hide), Riru Core 25.3.3, EdXposed 0.5.1.4 (SandHook), Universal SafetyNet fix 1.1.1, and few others, not related modules. SafetyNet green, I see Netflix in Google Play and I can pay by phone in shops.

I have figured out a way to make Access work a couple of months ago. I just forgot to post my findings here: https://forum.xda-developers.com/t/banks-app-detects-root-after-update-v18-0-with-magisk-hide-and-hidden-manager.3877412/page-14#post-85700373

[nothingface0]

Commenting to see if more people suddenly have this problem with the UBS banking app those last few days.

I did try all recommended solutions, both here and in the XDA thread above.

[seemebreakthis]

Commenting to see if more people suddenly have this problem with the UBS banking app those last few days.

I did try all recommended solutions, both here and in the XDA thread above.

Yeah they updated their app about 10 days ago and now I can't use it anymore either.

A less convenient workaround for me is to just login via www.ubs.com. I found out they have a link in the login page to let you continue using your browser to login. And for the Access QR code page, they actually have a link to jump to the Access app for validation.

[nothingface0]

A less convenient workaround for me is to just login via www.ubs.com.

That's what I ended up doing, too. Thanks for the reply!

[renyhp]

Could it be that it is checking for a the presence of a working Play Store app? Maybe the usual FakeStore is not enough to trick it, either because of its name, or because it can't start in a way that UBS likes. Unfortunately I'm not expert enough so I didn't manage to make this sort of tests.

[seemebreakthis]

Could it be that it is checking for a the presence of a working Play Store app? Maybe the usual FakeStore is not enough to trick it, either because of its name, or because it can't start in a way that UBS likes. Unfortunately I'm not expert enough so I didn't manage to make this sort of tests.

Have no clue what you are talking about, simply because I don't have any knowledge of the intricacies of rooting and hiding root. So you mean Play Store even when I have it on the phone and have everything in place to pass the SafetyNet test, is still not present / working from the app's point of view?

[renyhp]

Well, I'm no expert either, but if you have the original Play Store installed then the answer to my question is clearly no, or at least that's not the thing happening on your phone.

On my phone I haven't installed any Gapps, and I'm using microG, and I was wondering if that is what UBS is detecting.

[seemebreakthis]

Well, I'm no expert either, but if you have the original Play Store installed then the answer to my question is clearly no, or at least that's not the thing happening on your phone.

On my phone I haven't installed any Gapps, and I'm using microG, and I was wondering if that is what UBS is detecting.

My phone does have Gapps and Play Store. They were never removed from the original OS (MIUI, I have a Xiaomi phone).

[renyhp]

Well, after trying to fiddle around with Magisk Delta, then upgrading Magisk and upgrading the UBS apps, now UBS Access doesn't work anymore either, which is quite a large PITA because now I'm locked out of the website, too. Hoping that someone can give some help...

[nothingface0]

After @renyhp 's comment, I checked the Access app and it was indeed crashing with no message. I opened magisk and updated to 26.0. After a restart, I still can't use the Acess app to login on the UBS website.

[marinovdeyan]

I want to open a key4 account with them but seem to be unable to do so through the website and am forced to use the app, which manages to detect unlocked bootloader/root even though I pass SafetyNet, have changed device fingerprint and use the universal safetynet fix. Basically can't be their customer because I have configured my phone a certain way that they don't like... This is ridiculous.

[seemebreakthis]

I want to open a key4 account with them but seem to be unable to do so through the website and am forced to use the app, which manages to detect unlocked bootloader/root even though I pass SafetyNet, have changed device fingerprint and use the universal safetynet fix. Basically can't be their customer because I have configured my phone a certain way that they don't like... This is ridiculous.

I am moving away from UBS too, not entirely because of this, but this is definitely one of the triggering points.