Use Custom Fingerprint/Build.Prop to Pass Play Integrity Test

In this guide, we will show you two different methods to create custom fingerprints/build.prop to pass the Play Integrity Test on your rooted device or if you are running a custom ROM. Well, it seems we might finally reach the end of the road, as far as gaining administrative privileges is concerned. For the unaware, if you root your device, then it will trip the SafetyNet Test, thereby making it difficult to use banking and payment apps.

However, we managed to find a workaround that helped us pass this test with ease. Fast forward to this year, Google introduced the Play Integrity Test and has instructed every app to incorporate its API by January 2025. At the time of writing, many banking and payment apps have already shifted over to this test.

As before, if your device is rooted, then you will fail this test, thereby resulting in your inability to use banking apps. Fortunately, we once again managed to get hold of a method to bypass this test. Google then took a step further and patched our tweak only for us to bypass it once more! Until now. The Silicon Valley giant has finally taken the most extreme step to date which might finally spell the end of root for the tech enthusiasts.

Google ‘Banning’ Fingerprints for Play Integrity: Is Hiding Root Impossible?

Up until now, we were able to use the XDA Senior Member Chiteroman’s module to easily pass the MEETS_DEVICE_INTEGRITY and MEETS_BASIC_INTEGRITY, which are two prerequisites of the Play Integrity test. In hindsight, the module uses a fingerprint from one of the unpatched devices and the developer then uploads his mod over to GitHub. Since this mod is open source, anyone can easily decode it, including Google! And that is exactly what is happening.

While it might sound hard to digest why would Google end up utilizing a part of its resources towards this project which affects only about 3% of Android users, but trust us, that’s exactly what’s currently going on. The developer has tried out numerous combinations of fingerprints in its modules, including different OEMs, different Android versions, and even different custom ROMs [such as Evolution X].

However, every time a new module is released, Google tends to patch it straightaway, thereby leaving the developer with three options- either keep on playing this trial-and-error method, make the module closed source, or list out the instructions on how a user could create a custom fingerprint file and use it to pass this test.

The first approach was neither the most feasible nor the most viable for him [because he wasn’t earning anything from it and more importantly he has a life out of this modding community too!]. Likewise, making it a closed source might have raised a few eyebrows from some of the users [though judging by his reputation, that shouldn’t happen in the first place]. Henceforth, the third option is our best bet.

How to Create and Use a Custom Fingerprint/Build.Prop to Pass Play Integrity

There exist a couple of methods of getting this job done- the automatic and the manual way. In the automatic method, you would still need to carry out the first step from the manual method, but it will then take care of the rest of the steps. Moreover, please take a backup beforehand, just to be on the safer side. Droidwin and its members wouldn’t be held responsible in case of a thermonuclear war, your alarm doesn’t wake you up, or if anything happens to your device and data by performing the below steps.

One Click Method [Easiest]

Well, we can’t thank chiteroman enough for this! He has just released a plug-and-play version of this module which would be the easiest and best method to opt for the generic users. All you need to do is get hold of this module v14.2 from GitHub, enable Zygisk, flash it via Magisk, and delete the data of Google Services Framework, Play Store, Play Service, and Play Protect Service [if present]. Here’s a detailed guide on the same, it’s highly recommended you check it out.

Create a New Fingerprint JSON File Manually

XDA Senior Recognized Developer Osmosis took this responsibility on his shoulders and has done quite an excellent job in listing out the steps on how you could create and use a custom.pif.json. Here are the instructions steps for the same:

[Check out UPDATE section at the end of this guide!] First and foremost, download the stock ROM for a random device [see below], extract it, and get the system build.prop *and/or* product build.prop *and* vendor build.prop files from it. [In some cases, you could simply get hold of the firmware DUMP file directly on websites like Gitlab. So it’s better if you can find the dump because then you wouldn’t have the download the ROM and neither would you have to extract these files].

We cannot share these files/details publicly because Google will get hold of them and mass ban all of them at once [it has just happened with an Asus device. We managed to get an unpatched fingerprint from one of the Asus devices and used it to pass the Play Integrity Test. This worked for a few days before being ultimately patched by Google!]. Regarding “a random device” that we mentioned above, make sure to keep the following points in mind before you download its ROM:

• All older Nexus devices (Nexus 6/shamu and older) appear to be banned.
• Final release ROM builds of all no-longer-supported remaining Nexus and Pixel devices are banned.
• The device must have at least been upgraded to Oreo (Android 8) and should have come with at least an Android 6 or higher version out of the box.
• Devices launching with Pie (Android 9) or later might not work.
• In a nutshell, try to pick a combination of a device and its ROM which you don’t think many people will choose. This is because “The less obvious statistical data Google receives indicating a particular fingerprint is being abused, the fewer fingerprints will get banned”.
• Don’t go for the likes of Pixel, Samsung, Xiaomi, and other popular OEMs as most of their fingerprints have already been used or patched by Google. Instead, go for less-known brands such as Asus, Vivo, Oppo, or other Chinese brands that not many know about. Remember, the less popular a device is, the better your chance of passing the Play Integrity test!

Let’s now talk about the location of build.prop, product, and vendor.prop. In case of build.prop, it could be found at /system/system/build.prop or /system/build.prop. The product can be /product/build.prop and/or /product/etc/build.prop. The vendor is located in /vendor/build.prop or/system/vendor/build.prop.

In general, they’ll be ro.build.fingerprint + ro.product.* (older system build.prop), or, ro.system.build.fingerprint + ro.product.system.* (newer system build.prop) [or, ro.product.build.fingerprint + ro.product.product.* (product build.prop,  only needed on devices where system build.prop contains “generic” values)].

From there, you’ll have to copy the following six values: PRODUCT (ro.*.name), DEVICE (ro.*.device), MANUFACTURER (ro.*.manufacturer), BRAND (ro.*.brand), MODEL (ro.*.model), and FINGERPRINT (ro.*.fingerprint). Optionally,  also copy SECURITY_PATCH (ro.build.version.security_patch from system build.prop)

Any build prior to March 16, 2018 does not require a matching SECURITY_PATCH field, though adding it wouldn’t be of any harm. Moreover, do note that the date should be from the ro.build.date present in the system build.prop, instead of the AOSP base date in the fingerprint.

Now paste the copied values between the quotes of the corresponding fields in the template custom.pif.json sample shown below [it’s just a sample one that has already been banned by Google. So make sure to replace the values accordingly].

{
  "PRODUCT": "taimen",
  "DEVICE": "taimen",
  "MANUFACTURER": "Google",
  "BRAND": "google",
  "MODEL": "Pixel 2 XL",
  "FINGERPRINT": "google/taimen/taimen:8.1.0/OPM4.171019.021.R1/4833808:user/release-keys",
  "SECURITY_PATCH": "2018-07-05",
  "FIRST_API_LEVEL": "26"
}

Here’s another JSON file with slightly more information:

{
  "MANUFACTURER": "Google",
  "MODEL": "Pixel 2 XL",
  "FINGERPRINT": "google/taimen/taimen:8.1.0/OPM4.171019.021.R1/4833808:user/release-keys",
  "BRAND": "google",
  "PRODUCT": "taimen",
  "DEVICE": "taimen",
  "RELEASE": "8.1.0",
  "ID": "OPM4.171019.021.R1",
  "INCREMENTAL": "4833808",
  "TYPE": "user",
  "TAGS": "release-keys",
  "SECURITY_PATCH": "2018-07-05",
  "DEVICE_INITIAL_SDK_INT": "26"
}

Once you have got the required information, save it in a text file and rename it to custom.pif.json if you are using the fork of the original module [by Osmosis, which we are using] or pif.json [if you are using the original module by Chiteroman]. After that, you’ll now have to transfer the file to your device.

For that, you could either do so via the Pixel Flasher Tool as explained in the next section, or by copying your .json file to /data/adb/modules/playintegrityfix/custom.pif.json [for Osmosis, in our case] or /data/adb/pif.json [for Chiteroman]. Once done, restart your device and then check if it passes the Play Integrity Test using this custom fingerprint/build.prop! If it doesn’t, then you’ll have to pick a different fingerprint and retry this process.

Some Additional Tips on Creating Custom JSON Files

• Let’s say that a device was released with Android 8, and then it received subsequent updates to Android 9 and 10. This way you’ll be able to create three different fingerprint JSON files to test. However, most of the details will be the same in all those files, such as MODEL, BRAND, MANUFACTURER, and even the FIRST API LEVEL because the device was initially launched with Android 8, that fact isn’t going to change irrespective of the current OS.
• Moreover, there needs to be a comma after the end of every line in the JSON file, except the last line [as is evident from our above example.
• If you still have any doubts with regard to your JSON file, then you could use this JSON Validator and it will point out all the errors in your file, if any.

Pixel Flasher Tool [Recommended]

The tool supports two methods- it could either generate a random fingerprint JSON file for you or you could create and upload your own custom fingerprint. If you ask the tool to generate a JSON file for you, then it has a high chance of getting patched by Google as opposed to the one that you have created manually. However, as opposed to the manual creation, it will take a lot [and yes, we really mean a lot] of time and effort. So decide on this trade-off accordingly.

1. To begin with, get hold of the build.prop file from the desired firmware version as explained above.
2. Then download and extract Android SDK Platform Tools on your PC.
3. After that, enable Zygisk via the Magisk’s settings menu and restart your device.
4. Now download Pixel Flasher from GitHub and launch it [credits: XDA Recognized Developer badabing2003].
5. Then click on Browse > navigate to the platform-tools folder and select it.
6. Now click on Scan and select your device from the list.
7. Then click Magisk > Install PIF module and select the desired one [we have chosen Osmosis].
8. The latest version of the mod will now be installed. Once done, hit OK and click Reboot System.
9. Once your device boots up, click on PIF Manager [it will be empty as of now].
10. Now, if you want to opt for the Manual Method, then click on Process build.prop(s), navigate, and select your build.prop files. The order of precedence is as follows:

    build.prop
    system-build.prop
    system.prop
    product-build.prop
    product.prop
    vendor-build.prop
    vendor.prop
    Any other prop file

    

11. The tool will now read these files and bring up the output something as shown in the below screenshot.
12. On the other hand, for Automatic Method, click on the Get TheFreeman193 Random Pif button. It will populate the output window with the data from a random device.
13. Once done, click on the Paste button next to Output and the data will be populated under the Active PIF section.
14. At this stage, you should see the red warning next to Active PIF. This just indicates that the contents of the Active PIF window are not the same as the contents on the device.
15. So click on Create PIF.json and the file will be transferred to your device. Likewise, the red warning should now turn gey, meaning the content of PIF widow is the same as that on your device.
16. Finally, download and install a SafetyNet Checker app out of the four listed there. As of now, we are going ahead with Play Integrity API Checker.
17. So click on Play Integrity check. It will launch the Play Integrity API Checker app, perform the test, and display the result in the output window.
18. If it passes the device integrity and basic integrity tests, then congrats, you have found the needle in the haystack! But what if the test fails? Let’s find out.

What if the Test Fails? Repeat and Repeat!

• If you have chosen the Manual Method and failed the test, then you’ll have to get hold of a new JSON file from different firmware and repeat the above steps. Do so until you get the right JSON file that passes both these tests.
• If you have chosen the Automatic Method, then in that case, click on the Get TheFreeman193 Random Pif button > click on Paste next to Output. Then click on Update PIF.json > Play Integrity Check. It will perform the check and display the result. Keep on carrying out these processes until you achieve success.

Moreover, as soon as you find the right fingerprint JSON file, make sure to hit the heart icon and save that file. And please don’t share it with others as upon doing so, the chances of it getting into the hands of Google and subsequently nullifying it by the Silicon Valley giant increases tremendously. [So sharing is not caring in this case!].

Rooting and Custom ROMs: A Difficult Yet Achievable Journey Ahead!

So this was all from this guide on how to use a custom fingerprint/build.prop and pass the Play Integrity Test. While we always believed in the “sharing is caring” motto, however, for once, let’s not adopt it in this case scenario. If you get hold of a working fingerprint and then end up sharing that with the rest of the users, then it will ultimately be patched by Google. So keep that unique build.prop with yourself and prevent it from getting caught by Google!

NOTE: Some or the other changes are being constantly implemented by Google at an alarming rate. Thankfully, the developers are always one step ahead and are testing out new ways of bypassing the patches enforced by the Silicon Valley giant. But this also means that you will witness changes to the modules at frequent intervals as well, so we will update this guide as and when that happens. Make sure to keep a tab on this post regularly. [Screenshots Credits, unless specified otherwise: XDA Recognized Contributor badabing2003].

UPDATE: List of Fingerprints Build Prop Passing Play Integrity

Well, we decided to do all the dirty work on your behalf by compiling a list of all the custom fingerprints/JSON/build props from the devices that pass the Play Integrity tests. However, make sure you’re the earliest adopter of these builds, or else, it won’t be long before others get their hands on them. With that said, even if these get patched by Google, we will generate a new one at the earliest. So make sure to keep a tab on the below linked guide frequently.

List of custom fingerprints/JSON/build prop that pass Play Integrity