Ma Banque - "Your device is rooted" - SafetyNet

Kuro · October 19, 2022, 6:26pm

Hi there,

I have a Samsung S8 on which I installed e over a year ago (following what was said on the e website except for booting into recovery the first time, I did that with odin because the buttons’ thing never worked out). Everything works fine and I gave up on the idea of having my bank app (Crédit Agricole’s Ma Banque) installed on it since I didn’t want to go through with installing magisk (“that is not supported anymore but still works great”).

When I first heard about e 1.0 and SafetyNet I thought “great! That will solve all my problems the easy and secure way!” but my phone was not allowed to update at first.

Today, I finally received a notification according to which I could update to e 1.5 (1.5-rc-20221015226441) which I immediately did. The update went great and I started playing around with the new features (I love the Advanced Privacy thing btw).

I activated Google SafetyNet, tested the certification which my device passed and installed the Ma Banque app (from Aurora in case that matters, because the AppLounge agrees to download but then doesn’t want to install any app (yes, I erased the cache and data)). But the app still gives me the “your device is rooted” screen.

I also tried another app that I knew had a payment feature I could not use because “for your safety, we don’t trust rooted devices”. The payment feature still doesn’t work either (but I haven’t uninstalled and reinstalled this app).

Any idea as to why the SafetyNet seems not to be working for me even though my device passes the test?

What I tried:

installing the app, then activating the SafetyNet
activating the SafetyNet, then installing the app
reboot (a lot)
with and without Advanced Privacy on (didn’t change a thing for the AppLounge either, but that’s another problem).

I can’t find anything on the forum. The SafetyNet feature seems to have solved everybody’s problem with this app.

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online services phone

piero · October 19, 2022, 7:04pm

When i complain to the “Credit Agricole” that i have to root my device to be abble to run their app “Ma Banque” and ask them to correct that bug, they aswer that their app cannot run on a rooted device, (LoL).

They advise me a app (witch give interresting informations) to diag the different system settings : “RootBeer Sample” available in “AuroraStore”

Here it is my daily e-0.18-r from 2021.08.14
Magisk (plus Shamiko and SafetynetFix modules)
Installed but disabled

Here it is my daily e-0.18-r from 2021.08.14
Magisk (plus Shamiko and SafetynetFix modules)
Installed and enabled

.

Here it is a fresh e-1.4-r from 2022.09.23 (like your’s)
Without Magisk

.

You have to check the content of the “build.prop” file, and modify the problematics strings.

Kuro · October 19, 2022, 11:19pm

Hi,

Thanks for your answer. It’s been of great help!

I was indeed in your last case. Everything passed except “Dangerous Props”.

I can now access the homepage of the app. I have yet to try the securipass thing, but it’s currently installed on another phone that I can’t access at the moment being on holidays. As for the second app in which I couldn’t access a payment feature, I can now access it as well.

Here is what I did, in case anybody encounters the same problem. As it turns out, it had nothing to do with the SafetyNet. I was wrong to assume that.

Following piero’s advice, I looked into the build.prop file. After a little search on the Internet, I found out that the two strings causing this error are:
ro.debuggable=1 (should be 0 instead)
ro.secure=0 (should be 1 instead)
(source : detect non rooted device as rooted device · Issue #147 · scottyab/rootbeer · GitHub)

I followed this tutorial to modify the build.prop file.
Since the two lines I mentioned earlier weren’t on my file at all, I added them at the end.

ro.debuggable=0
ro.secure=1

If you’re in the same case as I was in and those lines aren’t in your build.prop, you can still check their values by typing the following:

adb shell
getprop ro.debuggable
# returned 1 in my case
getprop ro.secure
# also returned 1 in my case
# but to be on the safe side, I put it in the file anyway

Once that was done, I pushed the file back on the phone (I had to do an adb remount because I had a read-only error) and rebooted the phone still following the tutorial.

I tested Rootbeer right away and passed everything. I then tried opening the app and the your-device-is-rooted-screen-of-death did not appear. Huzzah!

As for what the two lines I added to build.prop do, I am not really clear on this. I’ve read on the Internet that it has to do with ADB debugging. I did notice that the ADB root parameter that appeared in my developer settings with the update disappeared. But I can still use ADB as before. And when I try adb root on my computer it still works.

From what I’ve read, it may be necessary to redo all this every time there is an OS update.

I hope this may help other people too even though the title of the topic ends up being misleading, and thanks again piero for your answer.

Kuro · October 19, 2022, 11:20pm

In case anyone’s interested, I also put two links that give more general information on the build.prop file :
https://forum.xda-developers.com/t/explanation-of-build-prop-values.3069341/
https://forum.xda-developers.com/t/guide-build-prop-explained-updated-11-30.2503997/

(Sorry for the double post, I’m allowed only two links per post).

Macrophag · October 20, 2022, 5:55am

This was indeed productive in the way, that I now pass the Root Beer test, however, apps (including bank ones) still recognize my device as rooted

Kuro · October 20, 2022, 9:35pm

Well, it’s a step in the right direction I guess. Banks certainly don’t make it easy for us. I’m sorry I can’t offer more help than that. It seems to be working alright for me now.