SafetyNet Attestation failure with Android Enterprise Agent

Robert McKenzie
Zebra (OVS) - Linde GmbH

Hi all,

Recently I've seen an increase in devices which fail the SafetyNet Attestation during enrollment with the Android Enterprise agent. These are brand new devices right out of the box, including Samsung SM-T515, Zebra TC26 and Zebra TC57. The Android Enterprise agent is version 14.3.3.1038. The Android versions are 8 and 10.

I've already maintained the necessary setting in the add device rule to enroll on attestation failure. But why are these devices failing when they are straight out of the box and unmodified?

Robert

5 years ago
Android
ANSWERS
JVMOD@SOTI
5 years ago

Hello Robert,

Thank you for your post. Please try to edit your rule to allow Safety Attestation failure; this option is available in the Advanced option while creating the rule.

Regards,

Raymond Chan Diamond Contributor
5 years ago (edited 5 years ago)

As far as I know, SafetyNet Attestation (and related APIs) are relatively new features introduced by Google. Device manufacturers have the freedom to choose whether or not to support such a feature in the firmware of their device models. So, it is no surprise that many new device models straight out of the box do not support it. If this feature is a must, please check the specification of the device before purchase.

Robert McKenzie
5 years ago

Thank you. I am aware of and have maintained that config in my add device rule. I am more concerned that the SafetyNet attestation failed for the device.

Robert McKenzie
5 years ago

Thank you for your reply, Raymond. I did some testing on my devices using some SafetyNet attestation sample code from Google on GitHub. At least according to those tests, there are no issues with the devices which could not be enrolled.

Also, I have seen that two weeks ago I was able to enroll an out-of-the-box device without bypassing the SafetyNet attestation. This week another out-of-the-box device of the same exact model is failing.

Is it possible that there is some issue with the device or the MobiControl server communicating with the Google API? For example, if whatever Google API key being used to call the Google API has reached its limit of allowed API calls?

https://github.com/googlesamples/android-play-safetynet
https://developer.android.com/training/safetynet/index.html

{
  "Claims": {
    "nonce": "VRxZg3n/ZtysIL/vCHmiR9Q/qjzIjV/5U2FmZXR5IE5ldCBTYW1wbGU6IDE2MDIwNzc4MzYwNjE=",
    "timestampMs": "1602077839239",
    "apkPackageName": "com.example.android.safetynetsample",
    "apkDigestSha256": "G32uyiIeiQkXX8ectNP9foHAO5LCzJM/HTp4tgdrqJc=",
    "ctsProfileMatch": "true",
    "apkCertificateDigestSha256": "kRfMjUM+iHU2BXqfGN89vmY/KMDU/AEyYsB+qBXdxRU=",
    "basicIntegrity": "true",
    "evaluationType": "BASIC,HARDWARE_BACKED"
  },
  "Nonce": "VRxZg3n/ZtysIL/vCHmiR9Q/qjzIjV/5U2FmZXR5IE5ldCBTYW1wbGU6IDE2MDIwNzc4MzYwNjE=",
  "TimestampMs": 1602077839239,
  "ApkPackageName": "com.example.android.safetynetsample",
  "ApkDigestSha256": "G32uyiIeiQkXX8ectNP9foHAO5LCzJM/HTp4tgdrqJc=",
  "ApkCertificateDigestSha256": "kRfMjUM+iHU2BXqfGN89vmY/KMDU/AEyYsB+qBXdxRU=",
  "CtsProfileMatch": true,
  "BasicIntegrity": true
}
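
Added example, not part of the original post and not SOTI or Google code: a server-side check of the claims in a payload like the one above, separating a response that reports an API error from a genuine failed verdict. The function names, the five-minute freshness window and the handling of the `error` claim are assumptions, and the JWS signature and certificate chain are assumed to have been verified already.

```python
import base64
import hmac

# Constructed input: a subset of the "Claims" object posted above, where the
# verdict flags arrive as strings rather than JSON booleans.
CLAIMS = {
    "nonce": "VRxZg3n/ZtysIL/vCHmiR9Q/qjzIjV/5U2FmZXR5IE5ldCBTYW1wbGU6IDE2MDIwNzc4MzYwNjE=",
    "timestampMs": "1602077839239",
    "apkPackageName": "com.example.android.safetynetsample",
    "ctsProfileMatch": "true",
    "basicIntegrity": "true",
}


def as_bool(value):
    """Accept a real boolean or the string form shown in the post."""
    return value is True or str(value).strip().lower() == "true"


def check_claims(claims, expected_nonce, expected_package, now_ms,
                 max_age_ms=5 * 60 * 1000):
    """Return the list of failed checks (empty means the verdict is acceptable).

    Assumes the JWS signature and certificate chain were verified beforehand;
    the claims mean nothing without that step. max_age_ms is an assumed policy.
    """
    problems = []
    if "error" in claims:
        # The response reports an API error instead of a usable verdict.
        return ["attestation error: %s" % claims["error"]]
    try:
        nonce = base64.b64decode(str(claims.get("nonce", "")), validate=True)
    except ValueError:
        nonce = b""
    if not hmac.compare_digest(nonce, expected_nonce):
        problems.append("nonce mismatch")
    try:
        age_ms = now_ms - int(claims.get("timestampMs", ""))
    except (TypeError, ValueError):
        age_ms = -1
    if not 0 <= age_ms <= max_age_ms:
        problems.append("stale or invalid timestamp")
    if claims.get("apkPackageName") != expected_package:
        problems.append("unexpected package")
    for flag in ("basicIntegrity", "ctsProfileMatch"):
        if not as_bool(claims.get(flag)):
            problems.append(flag + " is false")
    return problems
```

The nonce in the posted payload decodes to 24 random bytes followed by the text "Safety Net Sample: 1602077836061", about three seconds before `timestampMs`.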