SOTI Pulse Logo

Migration from SafetyNet Attestation API to Play Integrity API - Android Enterprise

Publish Date: 18-May-2023 Android
1391 0

Summary

Issue:

Safety Net Attestation will no longer be supported from 01st June 2024. SOTI will be migrating from using SafetyNet Attestation API to Play Integrity API.  

Cause:

Google has announced that it will be deprecating SafetyNet Attestation API in favor of Play Integrity API.

Resolution:

Customers will need to complete upgrading to Agent version 15.4.0 or higher and Server version

Related SOTI ONE Platform Products

Android

Process Description

Issue:

Safety Net Attestation will no longer be supported from 01st June 2024. SOTI will be migrating from using SafetyNet Attestation API to Play Integrity API.  

Cause:

Google has announced that it will be deprecating SafetyNet Attestation API in favor of Play Integrity API.

Resolution:

Customers will need to complete upgrading to Agent version 15.4.0 or higher and Server version 2024.0.0 by 01st June 2024. These Agent and Server versions will be supporting Play Integrity API changes.

 

FAQs:

What is the impact?

Customers currently requiring SafetyNet Attestation API for AE enrollments will NOT be able to enroll new devices once Google removes support for SafetyNet Attestation API from 01st June 2024 unless they start using newer agent and server versions. Customers with alerts or filters based on SafetyNet Attestation status will stop working unless they start using newer agent server versions.

What are the changes?

Play Integrity API uses a different authentication mechanism than SafetyNet Attestation API. Verification and Response formats are different for Play Integrity API which will be handled in new Agent and Server versions that support Play Integrity API. Google will NOT be supporting SafetyNet Attestation API after 01st June 2024. 

What needs to be done?

Customers will need to complete upgrading to Agent version 15.4.0 or higher and Server version 2024.0.0 by 01st June 2024. These Agent and Server versions will be supporting Play Integrity API changes.

What happens to my devices if I do not upgrade to 15.4.0 Agent Version and 2024.0.0 Server version?

SafetyNet Attestation API will continue to work till 01st June 2024. 

SafetyNet Attestation API will continue to be used if only Agent or only Server is upgraded. Both Agent and Server need to be upgraded to switch to Play Integrity.

What happens to my devices if I am unable to upgrade to 15.4.0 Agent Version and 2024.0.0 Server Version?

If you are not able to upgrade to the Agent and Server versions supporting Play Integrity API, then they will need to do one of the following to be able to enroll devices:

  • Check the checkbox “Enroll on SafetyNet Attestation Failure” enabled, on the “Add /Edit Device Rules” pane.
  • Toggle ON “Enroll Device Even If SafetyNet Attestation Fails” on Enrollment Policy pane. (Image attached for reference)  

               

           

Who do I connect with if I face issues during migration?

For more complicated processes like rollbacks, migrations, etc. please contact Professional Services.

Was this helpful?

Similar Articles

Alert: Potential issues with Android devices on OS 10 and below Randomly Booting into Android Rescue Party Mode
21 Dec 2023
Android
Google Play Inactive Account Policy and their use in Android Enterprise binding creation
18 Oct 2023
Android
Enterprise Wi-Fi Profiles Fail to Install After Google Pushes OTA Security Update for Android 11+
30 Jul 2023
Android
End of Support for Android Device Admin technology
02 Mar 2023
Android
Cannot enroll using afw#mobicontrol identifier on OS 9,10,11 Android devices
14 Oct 2022
Android