Government issued app breaks because of invalid google libraries

I’m trying to install and use a government-issued secure-login app “MitID”, which is used log in to government services, doctors, etc… There is sadly no alternative app.

The installation works just fine, it’s the activation that fails as that’s when the app seems to “phone home” to check if the device is “valid”. That’s where I get this error (excuse the poor image quality, screenshots are blocked by the app, so had to take a photo) :

In plain text:

**The MitID app cannot be activated**

Activation cannot be completed on your phone.  It may be due to:

- Your phone or tablet could be rooted or compromised
- The app is installed outside Google Play
- Your version of Google Play is outdated
- Your phone or tablet does not support Google Play Services

Specs

  • Fairphone 5
  • /e/os 2.6.3-t
    • IMG-e-2.6.3-t-20241217455358-official-FP5.zip from here
    • SHA256: 40d3b19e4093704146704fd656a916e41806065261131ecaedfcb090e1e8208f
    • Android 13
    • Android security update: November 5 2024
    • Vendor security patch level: June 5, 2024
  • microG version 0.3.2.240913-102 (d28f5bc)

I’ve tried

  • Installing from App Lounge and Aurora Store
    • Comments from other users on the Aurora store mention, that you need
  • Booting into bootloader to ensure it’s locked - it is
  • Logging out, logging back in with anonymous google account
  • Logging into legit google account in App Lounge and also adding it to microG
  • Rebooting, trying again
  • Disabling VPN
  • Disabling advanced privacy

I’m out of ideas for how to get it to work - other than rolling back to stock Android with official Google libraries, which I’d very much like to avoid or waiting for a newer, official /e/os release, that’ll hopefully fix this.

Has anyone faced a similar problem? How did you solve it? Got any other good ideas for troubleshooting this?

All and any help much appreciated. :v:

hello @fonhom, @LucieCopen, welcome to this forum.

.

The app is installed outside Google Play

yes, could be the cause of you issue.

Your phone or tablet could be rooted or compromised

have test using the “RootbeerFresh” a root detector app

--------------------------------------------------------------------------

.

i cannot help you directly, but i can link you to that

1 Like

Thank you so much for the quick response @piero !

have test using the “RootbeerFresh” a root detector app

I tried this, and indeed: The “SE Linux Flag” seems to give it away:

I don’t know why it’s enabled (yet), but I’ll try to find the guide that you mentioned and get back with the results in this thread.

1 Like

Hi @fonhom, have you managed to find a solution?

I just bought a Fairphone 5 with e/OS/ and I get the same issue with MitID… which is really annoying…

Thanks in advance!

Hi @LucieCopen ,

No, I have not found a fix just yet. I’ll update this thread with any progress regarding getting the MitID app to work.

However I have found a workaround to bridge the gap:

From the MitID website I ordered a code viewer. It’s a free hardware device they’ll send to you via post or you can pick up at a municipality center. It’s surely not the same as a working app, but I think it’s an acceptable option to bridge the gap. Even if I do get the app to work eventually, I think I’ll be happy to have the code viewer as a backup.

1 Like

I do not think Root Beer Fresh is currently a 100% reliable test. See closing comments here. Rootbeer selinux flag does not pass (#8415) · Issues · e / Backlog · GitLab.

This links Releases · scottyab/rootbeer · GitHub and from that link

This was never part of the isRooted() check but as we are unable to get ro.build.selinux in later versions of Android it has been removed from the Util and sample app.

1 Like

Hi @fonhom

Thanks for the quick answer. I had the same idea with the code viewer after writing to you, and it works fine. Not as convenient as an app but totally doable.

However, I cannot install MobilePay nor my bank app (Merkur) either. Have you encountered the same issue?

Thank you for pointing that out, @aibd

You’re right, it seems that the rootbeerFresh app by KimChangYoun, that I’ve got installed, has not been updated since Sep 23, 2023.

rootbeer by scottyab is far more up-to-date with the latest commit 3 months ago. However I can’t find it on the Aurora Lounge.

Do you have suggestions how to install it, or another app that checks these kinds of things?

Hey @LucieCopen ,

I’m still waiting for the code viewer to arrive, but will test it thoroughly once I’ve got it.

I spoke to a friend, who has a Fairphone 3 running LineageOS and uses a MitID code viewer, which he’s happy with. He was not been able to get MobilePay or MitID to work on the FP3 though because he could not lock the bootloader again. So he got a super basic standard Android Google’d phone for MobilePay, that he keeps at home.

I did lock the bootloader, which I confirmed following the steps in the CLI installation guide (see above). So I suspect there is something missing or not up-to-date enough to comply with the requirements MitID and MobilePay have.

1 Like

Hi @fonhom

I already had a code viewer and I can also confirm that it works fine :slight_smile:

Alright - based on your answer and your friend’s example, I’ve installed both Mobile Pay and MitID on my work phone (an iPhone) - not exactly what I had in mind when changing for e/OS/ but well, that will work for now.

Good luck in finding a solution!

1 Like

Small update: Still no progress to get either app to work on e/OS.

But I found “Plexus”, an OpenSource app for checking if/how well a given app works on a de-googled phone. Its crowd sourced info, so consider sharing your experience.
I looked up MobilePay and some CalyxOS users report it working with microG:

So there may still be hope!

that’s the one i used to use but can’t find on the aurorastore, why i proposed the other…

here is what i found looking at /data/app on my phone (armv7) : com.scottyab.rootbeer.sample

Thanks for the follow-up @piero .

Please excuse my still n00b skills in this area: I’m not sure what to do with the archive of rootbeer, you shared.

have a try opening it, but on the photo, your phone seems much more recent than mine (s4mini),
so i am affraid my file don’t match with a armv8 devices.
anyway others users on armv7 devices can enjoy my file by place it in their /data/app folder using TWRP or a file manager with root privilèges.
and some others users on armv8 can be inspired to share their .apk

1 Like

Aha, I see. Thank you so much for sharing. I’m sure someone with a compatible phone will be very happy to try it out.

Latest update from today:

  • :package: I received my MitID code viewer (the hardware gadget)
  • :iphone: I activated it using the MitID app on my old, still working phone (an iPhone)
  • :computer: On a computer I logged into my bank using the now activated code viewer → worked
  • :phone: I installed MobilePay on the FP5, got to the MitID login, entered the code from the code viewer → :x: Error: Whoops! Something went wrong. Please try again later.
Screenshot

So I’m assuming it’s the same problem as with MitID: “Device integrity can’t be verified, therefore we won’t let you use this app on this phone.”

:memo: Side note (let’s not widen the scope of this thread too much, but thought it was relevant to the topic): As I went on with setting up other things on the phone I tried installing Authy (the MFA app on my iPhone) and that was blocked, too… After some reading and some more: I’m switching to Aegis.

So I think I won’t to tinker much more now as I don’t want to apply too many “hacks” to the /e/OS operating system, so that my hacky fixes don’t accidentally interfere with the otherwise perfectly functional system.

I’ll wait patiently and hope for a “proper” fix by microG or /e/OS :crossed_fingers:


If anyone finds solutions, or has ideas for fixes, please do share them as they might still help other people (and even convince me to try more hacky things anyway).

I will of course update this post, should I happen to stumble upon a fix.

Mobile pay is found in a Search

1 Like

Thank you for the links, @aibd .

I’m new to this, so I might be wrong, but I don’t think that the bootloader’s lock-status is the problem, because it shows as locked in fastboot:

image

So I imagine, there must be some other stuff that the device integrity check is looking at.

https://apkpure.com/rootbeer-sample/com.scottyab.rootbeer.sample/download

I have the same issue, but MitID works with my banking app. It works because I can choose to use another browser (Kiwi) whereas with MobilePay it refuses to use my systems standard browser app and defaults to the preinstalled browser. This doesnt work with MitId. And choosing to open another browser from within the preinstalled browser results in the same error as described above.
So I am wondering if there is a way to avoid MobilePay defaulting to the preinstalled browser? I thought about uninstalling it, but I am unaware of the consequences of doing this for the OS.

1 Like