Android Pay doesn't work if your bootloader is unlocked

Forums › Android › Android Pay doesn't work if your bootloader is unlocked

lchiu7

6459 posts

Uber Geek

Trusted

#205053 28-Oct-2016 04:21

This might not be news to some but it was for me. In the US now and tried to pay with Android Pay on my Nexus 6 which has a stock ROM but the bootloader is unlocked (I know I did this but not sure why). I am using a US credit card so it's mot an issuing bank issue.

The terminal popped up a message saying

“Android pay can’t be used on this device… Google isnt able to confirm that your device or the software on it is is Android compatible. You many need to unroot your device.”

I think this is a recent update to Android 7 slipstreamed out to some releases (I only recently got the Anroid 7 update).

That's annoying since I had used Google Wallet with no problem but appaently Android Pay keeps a tokenised version of your card on the phone which it uses to send to the terminal so more security is required. i suspect PCI-DSS would be an issue.

I could relock the bootloader to check but I have no PC with me on this trip and it could wipe the phone which would be a hassle.

Staying in Wellington. Check out my AirBnB in the Wellington CBD. https://www.airbnb.co.nz/h/wellycbd PM me and mention GZ to get a 15% discount and no AirBnB charges.

michaelmurfy

meow
13164 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#1659415 28-Oct-2016 04:52

Yes Google have updated SafetyNet (Link) to detect if your bootloader is unlocked on many devices. This is because of the following (personal experience - I am an avid phone warranty breaker):

1) If you've got your Bootloader unlocked you can be running any version of Android, or different kernels not supported by Google that may compromise security.
2) You could be running root evasion software (eg, be running Xposed with something that gets around root detection like Superkiwi for ANZ GoMoney).
3) PCI-DSS Requirements since third party software, kernels, roms or otherwise could compromise card security.

I'd imagine the communinty will find a way around this however Google have been a few steps ahead as of late to ensure device security. With what features Google are putting into their latest Android versions these days the reasons for rooting your device are getting less with each Android update - the only thing I can think of is if you didn't want Google services running of which you wouldn't be using Android Pay anyway. Things like Adaway have issues with the latest versions of Android and Xposed is no-longer supported (development has more or less halted). I do agree there are merits with having both an unlocked bootloader and some root apps (eg f.lux of which Google are rumored to bring into their next Android release) however the security risks for unexperienced users (eg those wanting to cheat with Pokemon Go) and the risk of Malware on rooted devices is quite major in the payment industry.

This is one thing Apple does quite well and it seems Google are playing a little bit of catch up here. This doesn't deter the avid warranty voider (eg, I still experiement) however I don't expect things like ANZ GoMoney, Android Pay or anything else to work successfully if I do tinker with my phones operating system. This is why I am now running a Nexus, unrooted and with a locked bootloader which to me is the first time doing so since Android came out (literally - I've had a rooted device since the HTC G1) and to be perfectly honest have not really missed root apart from seeing a few ads here and there and having a blinding screen when I decide to use my phone in a half asleep state.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

Samsung

Shop now on Samsung (affiliate link).

lchiu7

6459 posts

Uber Geek

Trusted

#1659416 28-Oct-2016 05:06

I remember now why my bootloader is unlocked. I had planned to root the phone because the Nexus 6 has a notification light that is only available if the phone is rooted. That is strange and anyway I didn't manage to root the phone but left the bootloader unlocked I find the passive notifications on the N6 AMOLDED screen work fine.

Apart from that I have no reason to have a rooted phone or unlocked bootloader, ANZ GoMoney works fine on the phone but that might change in the future as you note. I would relock the bootloader but can't do it while on vacation.

Staying in Wellington. Check out my AirBnB in the Wellington CBD. https://www.airbnb.co.nz/h/wellycbd PM me and mention GZ to get a 15% discount and no AirBnB charges.