Some banks, such as Sparekassen Kronjylland (9335), started requiring device attestation via SafetyNet Attestation API (https://developer.android.com/training/safetynet/attestation).
The logon/selectagreement call returns "207 Multi-Status" with X-SDC-ACTION-CODE= "DEVICE_TOKEN_NEEDED" or "DEVICE_TOKEN_RENEWAL_NEEDED" (if the device has been already approved before). Without passing a valid attestation token (signed by SafetyNet) in devices/pin, all further requests fail with Error "401 Unauthorized".
Maybe someone has any idea how to bypass it? Thank you! :)
Hello,
Some banks, such as Sparekassen Kronjylland (9335), started requiring device attestation via SafetyNet Attestation API (https://developer.android.com/training/safetynet/attestation). The
logon/selectagreement
call returns "207 Multi-Status" with X-SDC-ACTION-CODE= "DEVICE_TOKEN_NEEDED" or "DEVICE_TOKEN_RENEWAL_NEEDED" (if the device has been already approved before). Without passing a valid attestation token (signed by SafetyNet) indevices/pin
, all further requests fail with Error "401 Unauthorized".Maybe someone has any idea how to bypass it? Thank you! :)