Skip to main content

Device Integrity checking mechanism

Android Device - Possible Tampering is only supported on devices with MTD version below 5.2 and uses Google Safetynet API for detection.

Google is set to shutdown the Safetynet API by January 2025 and replace it with the Play Integrity API.

Tip

We recommend you to update devices with MTD version above 5.2 that supports three events with Play Integrity API.

Devices with MTD version 5.2 and above will now support Play integrity API detections with the following three events based on the integrity verdict labels returned:

  • Device Failed Basic Integrity CheckCritical Severity Event is reported when the device did not return any of the integrity verdict labels MEETS_STRONG_INTEGRITY, MEETS_DEVICE_INTEGRITY or MEETS_BASIC_INTEGRITY.

  • Device Failed Integrity Check - Elevated Severity Event is reported when the device returns without the integrity verdict label MEETS_DEVICE_INTEGRITY.

  • Device Failed Strong Integrity Check - Low Severity Event is reported when the device returns without the integrity verdict label MEETS_STRONG_INTEGRITY.

The Mobile Security console administrators can review the event forensics to understand the integrity verdict label returned for the device.

Google Device integrity verdict label

DEVICE LABEL

DESCRIPTION

MEETS_STRONG_INTEGRITY

The app is running on an Android device powered by Google Play services and has a strong guarantee of system integrity such as a hardware-backed proof of boot integrity. The device passes system integrity checks and meets Android compatibility requirements.

MEETS_DEVICE_INTEGRITY

The app is running on an Android device powered by Google Play services. The device passes system integrity checks and meets Android compatibility requirements.

MEETS_BASIC_INTEGRITY

The app is running on a device that passes basic system integrity checks. The device may not meet Android compatibility requirements and may not be approved to run Google Play services. For example, the device may be running an unrecognized version of Android, may have an unlocked bootloader, or may not have been certified by the manufacturer.

In this section: