How SafetyNet Attestation APIs Help Combat Security Threats
Jun 26, 2020 | 42Gears Team
Given the millions of devices running Android and the numerous variants of Android Open Source Projects (AOSP) running on these devices, the Android platform is inherently vulnerable to security threats posed by malicious apps, harmful code, device tampering, and more. The very same threats also make it difficult for enterprises to ensure that every version of the platform being used in the organization is secure.
SafetyNet is one of several features and programs that Google offers for developers and OEM vendors as part of its continued efforts to bolster Android security.
Developers integrate SafetyNet APIs into their apps to make them more secure. These APIs check the device’s hardware/software level and determine if it has any malicious content, apps or codes, if it has been tampered, and whether or not it is interacting with genuine apps.
SafetyNet Attestation APIs
SafetyNet APIs are designed to check if a device is rooted by a user, has malicious content or code, is running a custom ROM, and more.
All Google certified devices need to pass the CTS compatibility test. SafetyNet Attestation APIs check if devices have passed the CTS or not. Any tampering with the device, such as rooting the device, unlocking the bootloader, running a custom ROM, or installing malware will make the device fail the CTS compatibility test.
How it works
Google Play Services runs a background service on Android devices by default. This service collects information from each device and sends it to Google on a regular basis. By analyzing this data, Google determines if the device is secure (if it has been tampered with, factory settings have been modified, or it has failed the CTS compatibility test).
Once this happens, whenever an app calls the SafetyNet Attestation APIs using Google SDK, it receives a data-based response. The application can then analyze the response to deduce if the device has been tampered with or is CTS compliant.
So next time when you see an app not responding on a rooted device, it may be because of the SafetyNet APIs. Even if apps do open on such a device, many will not allow users to perform regular tasks.
42Gears Mobility Systems has integrated SafetyNet Attestation APIs with its UEM solution to offer customers better visibility into the security and health of their devices.
For more information on SureMDM, the 42Gears UEM solution, click here.