What is the purpose of requiring safetynet on Android?

In another topic I asked why the safetynet requirement was added to Android and the response was something to do with user safety. However what user safety risk was there to begin with? Is there another reason why this was done?

BTW does this (and the google play install check) mean IF is not going to consider supporting Windows 11’s subsystem that’s coming out soon?

Your question was answered by Philippe:

For your other question, Windows 11’s Android support documentation for developers hasn’t been released yet (due “later this year”), so we have no information to share about this right now.

1 Like

When any other app has required safetynet, it is to prevent a rooted application from accessing sensitive info from within the app (eg. banking apps). Does IF even handle sensitive information like that? If not, how is it IF’s job to protect it’s users any malware that’s unrelated to IF?

The reason I asked about Windows 11 is because apparently it will use Amazon instead of Play Store so the play store detection will fail.

All of the data we process is listed in our Privacy Policy.

Any protection is positive from our perspective, especially in cases where malicious versions of the app are redistributed (common for games on Android).

We aren’t currently on the Amazon store, the checks would be different if we distributed in other stores.

How does requiring safetynet prevent malicious versions? Doesn’t that actually make it more likely that someone will try and download an APK from elsewhere? The reality is that there used to be, and still may be, phones from China that have play services built in but fail safetynet.

With it enabled, Infinite Flight can use it as an “abuse detection system to help determine whether [their] servers are interacting with [their] genuine app running on a genuine Android device.”

long story short the folks who run Android and a different company in China are in trouble with the US government for how they are handling user data.

That’s got nothing to do with it. Suggest that you read the previous replies :)

We’re not directly requiring SafetyNet. Play Store is using their API for this within the “Google Play Protect” functionality.

2 Likes

It’s not Huawei that’s the issue. My MI MIX2S didn’t pass safetynet until I updated to latest version. The newest Huawei devices don’t even support Google without hacks.

1 Like

In short, yes. IF holds personal information such as names, emails, IP addresses etc. All of which need protecting.

Such apps tend to be harmful to user devices, contain malicious links and other security threats. Hence the safetynet protection

I was refering to things like credit card numbers.

This counterargument makes no sense. Safetynet is not a protection service. Also, why would IF need to protect a user of the official version of IF from a fake version of IF? Only people that cannot get the official version would look for unofficial versions.

Correct, it’s a thing to use as part of an abuse detection system. It can detect abuse and alert the app. Like a smoke alarm it can warn other systems. It’s meant to protect the app and the users, not just users.

Personal info are not less sensitive than card numbers!

Indeed!

Common sense dictates otherwise… There is a reason why only last four digits show. And by your logic all online apps should require safetynet.

This is besides the point anyways. Safetynet checks for games are almost always used to prevent cheating which is not really a problem in IF to begin with. This is why I am asking for why safetynet was enabled.

That’s true, but as far as my experience with going where I shouldn’t go, it is not stored on the device, and just from a logical standpoint - why would it be? The only real logical reason I can see for it is just privacy protection, which I can understand, but if your device is rooted, then the data in a flight sim should be the least of your concerns.

Things in memory can be accessed. That’s how game modification usually works.
I just think this is a bad move by IF given that IF does not seem to want to limit the audience of the game, but safetynet actually can’t be passed on some devices without patches.

You’re spinning around “SafetyNet” too much. That specific parameter is not something we have control over.

Look up what Google Play Protect’s purpose is. Both from a user & a developer perspective and you’ll understand :)

The antivirus? I don’t see how that’s relevant. Or are you talking about something else?

Here (user):
https://support.google.com/googleplay/answer/2812853?hl=en

And here (developer):

It also protects the app itself, from being tampered with etc.

You need to understand the entire concept, before calling it a bad decision :)

1 Like