Obfuscate Safetynet nonce

Closes #868

index.bs

@@ -3462,7 +3462,8 @@ even if the SafetyNet API is also present.
 :: Let |authenticatorData| denote the [=authenticator data for the attestation=], and let |clientDataHash| denote the
     [=hash of the serialized client data=].
 
-    Concatenate |authenticatorData| and |clientDataHash| to form |attToBeSigned|.
+    Concatenate |authenticatorData| and |clientDataHash|, perform SHA-256 hash of the concatenated string, and
+    let the result of the hash form |attToBeSigned|.
 
     Request a SafetyNet attestation, providing |attToBeSigned| as the nonce value. Set |response| to the result, and |ver| to
     the version of Google Play Services running in the authenticator.
@@ -3473,7 +3474,7 @@ even if the SafetyNet API is also present.
     - Verify that |attStmt| is valid CBOR conforming to the syntax defined above and perform CBOR decoding on it to extract the
         contained fields.
     - Verify that |response| is a valid SafetyNet response of version |ver|.
-    - Verify that the nonce in the |response| is identical to the concatenation of |authenticatorData| and |clientDataHash|.
+    - Verify that the nonce in the |response| is identical to the SHA-256 hash of the concatenation of |authenticatorData| and |clientDataHash|.
     - Verify that the attestation certificate is issued to the hostname "attest.android.com" (see
         [SafetyNet online documentation](https://developer.android.com/training/safetynet/index.html#compat-check-response)).
     - Verify that the `ctsProfileMatch` attribute in the payload of |response| is true.