Google Play Integrity API.

Google's server-side device-and-app attestation API for Android, the successor to SafetyNet Attestation, used by apps to verify they are running on a genuine, unmodified device with the official, Play-distributed binary. 它属于网络安全的 移动安全 分类。

Google's server-side device-and-app attestation API for Android, the successor to SafetyNet Attestation, used by apps to verify they are running on a genuine, unmodified device with the official, Play-distributed binary.

The Play Integrity API is Google's current device and app attestation service for Android, replacing the deprecated SafetyNet Attestation API. An Android app calls the API at sensitive moments (login, payment, anti-cheat checks) and receives a signed token that the app's backend can verify with Google. The token carries three verdicts: 'device integrity' (was this command issued from an Android device with an intact platform — `MEETS_DEVICE_INTEGRITY`, `MEETS_STRONG_INTEGRITY` for stronger hardware-backed evidence, `MEETS_BASIC_INTEGRITY`), 'app integrity' (was the binary that called the API the one Google Play distributed for the published app), and 'account details' (does this user own the app via Play). Roll-out evolved through 2022–2024 with tiers: 'Classic' free quota, paid 'Standard' for higher volume, and hardware-attested variants that increasingly tie the verdict to KeyMint key attestation. Attacks include Magisk-based root hiders, custom ROMs spoofing device fingerprints, Frida-bypass research, and a constant cat-and-mouse with hardware-attested checks. Use cases include banking, fintech, mobile games, mobile DRM, and any app where backend trust depends on the client environment.

针对 Google Play Integrity API 的防御通常结合技术控制与运营实践,详见上方完整定义。

常见的别称包括: Play Integrity, SafetyNet successor。