Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New app report for tested apps list #25

Closed
ysfchn opened this issue Dec 17, 2023 · 1 comment
Closed

New app report for tested apps list #25

ysfchn opened this issue Dec 17, 2023 · 1 comment
Labels
enhancement New feature or request

Comments

@ysfchn
Copy link

ysfchn commented Dec 17, 2023
edited

Hi!

Not sure if I'm posting this in the right repository and I don't know if you accept non-international apps for the tested apps table, but I'm going to leave that in case anyone finds it useful anyway. :)

The app name is "Papara" (com.mobillium.papara), it is a proprietary wallet/payment app which widely used in Turkey by teenagers. I was using their app since when I was on OnePlus's stock ROM (with root), but after I switch to DivestOS, I lost access to Papara because it didn't let me signing in by giving a generic message, which is used by them to tell that "device is not secured" saying "Please use a secure connection such as home network, install the app from official sources and disable your VPN if available [...]". I assume Papara checks for SafetyNet, because of course the device was not passing SafetyNet. Even if they have web version, their mobile app is the only way to use some features and to login in their web app, it sends an OTP from their mobile app which obviously I couldn't use. SMS option is only available after waiting a minute, which is not ideal to wait a minute for each time that I want to use the app.

Then I tried installing Huawei AppGallery and downloading their app from there, since I thought they removed some Google dependencies for Huawei devices that don't come with Google Play Services built-in. But strangely, the app complained about device/connection being not secured again.

Later I found that Papara actually checks if a device can connect to SafetyNet and passes it (even if it is installed from AppGallery) by simply disabling SafetyNet support on MicroG to see what the app will tell. And it finally let me in! I guess the app finally assumed that I don't have Google Play Services installed after it couldn't connect to SafetyNet API.

TL;DR: "Papara" (proprietary wallet/payment app in Turkey) works if it can't connect to SafetyNet API on DivestOS. So it needs to be explicitly disabled on MicroG, or make the device pass SafetyNet (which how I was doing when I was on stock ROM + Magisk). I didn't test if it also works when MicroG is not installed completely.

Thanks for making DivestOS by the way!
@SkewedZeppelin
Copy link
Member

Thanks for the report, I've added it to the website.

@SkewedZeppelin SkewedZeppelin added the enhancement New feature or request label Dec 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SkewedZeppelin @ysfchn