

Santander app is not working on custom ROM or root device
source link: https://forum.xda-developers.com/t/santander-app-is-not-working-on-custom-rom-or-root-device.3794753/page-20#post-87636869
Does Halifax work on Android 12 with the latest magisk, using the current Airfrozen method?
Edit: Just noticed that Halifax updated last night and now does not work. Thankfully I had a backup.
I have just installed the Santander app (UK) and it does detect the root even if you use the deny list and hide magisk. I have a ton of banking apps and the only ones that so far won't let me log in on a rooted device are Chase bank and Santander. I use Lineage OS 19.1 for Oneplus 6.
Do you know any workaround?
A simple way to get it working
1. Install Magisk Alpha and Riru ( Don't activate zygisk )
2. Add Chase and Santander to Magisk Denylist and It will work
Thanks. Never heard of Riru. I have checked their github and it says we should use zygisk instead:
GitHub - RikkaApps/Riru: Inject into zygote process
Riru will work without issues even after the developer has stopped the project. Riru uses the same function as Zygisk and you can use it without any issues. The main reason I switched from zygisk to RIru was all the banking apps were able to detect root and with Riru that's not the case.
Thanks will try that!
As far as I'm aware, Santander doesn't detect root, it detects if your bootloader is unlocked. And that can't be avoided whether you use Riru or Zygisk. I'm unable to get it to work with either, and I've not heard of anyone else who has been able to recently either. You don't even need to be rooted for it to refuse to work, you simply need the bootloader unlocked and it specifically mentions the phone's bootloader being unlocked as the possible cause in the error when starting the app.
I was able to open the app without issue after downloading it from play store. I can't investigate more as I don't have an account with the same bank. Attaching Screengrab
P.S: I have downloaded the US version
See if you can install and get this to the login screen.
Santander Mobile Banking - Apps on Google Play
Top Liked Posts
I finally have something.
Went back to my original proposed idea and tried to monitor network connections. Finally, I give you a permanent solution. Using Netguard app I noticed Santander contacts trusteer.com an IBM initiative for security. I was able to block trusteer from Netguard and bypass security checks for good.
However Netguard is a bit too much, it's a full networks monitoring app and a VPN service. So I tried putting the hosts in AdAway blacklist and voila. No fuss blocking. Survives a reboot.
You need systemless hosts + magisk hide and AdAway. You can find the list of blocked addresses in the screenshot. AdAway is running a webserver and I have no xposed.
THIS METHOD HIGHLY UNDERMINES YOUR BANK APP'S SECURITY, AND I'M NOT RESPONSIBLE IF YOU LOSE YOUR MONEY. BECAUSE AT THE END OF THE DAY YOU'RE CUTTING OFF ALL SECURITY CHECKS FROM YOUR BANK APP.
Sent from my Ulefone Armor 2 using XDA Labs
They seem to use a root detection called mount leak (https://github.com/topjohnwu/Magisk/issues/2406) that is still possible with the latest canary build. However, by changing the path where Magisk resides you can circumvent this detection. I have a private build of Magisk that is not detected by the latest Santander UK app (tried this just out of curiosity since I do not have an account with them). It also allows me to run Epic 7 with Magisk which previously was not possible. Send me a PM if you would like to try it.
Here's my final list including analytics reports as well. Payments/transfers/otp work fine. If it detects root it's probably because Santander managed to make a DNS query before your hosts file was updated. That's why you need systemless hosts. To guarantee my position I also now Greenify Santander to prevent it from waking up and doing stuff without my knowledge hehe
Sent from my Ulefone Armor 2 using XDA Labs
Guy with ulefone armor 2, android 7.0, magisk 16.01 Permission13 branch here. Without an app update I now get this warning too. I had Titanium backups for which I used to restore. Even the previous versions were detecting. I'm suspecting remote code execution...
EDIT: it's definitely some kinda remote code download and execution because I was able to bypass root check in Santander UK app by disconnecting wifi+4g. But basically below steps allowed me to register my device again. Although once I logged out and tried to log in again it went wild. I'll leave this to you to test/expand my findings.
1. force stop and clear data of banking app
2. disconnect all internet connectivity
3. open banking app, wait until it complains about connectivity. do not press ok nor cancel, leave the dialog.
4. re-enable connectivity from quicksettings without changing foreground app.
5. press retry, it's now asking for customer number
6. profit.
potential permanent fix; find the host/url where root checking codes are fetched from and block/redirect it. also as a security note, if this is indeed remote code execution, this is very unsecure as anyone can perform a mitm attack and execute code within the app, geez :|. anyways, i'm waiting on your findings more technical peeps
EDIT2: can someone dig deeper with a hotspot+wireshark setup to monitor requests when bank app is fired up?
EDIT3: yeah as soon as the banking app is gone (from memory), it re-downloads root checking mechanism in the "securing your device" screen and complains about root.
---------- Post added at 07:20 PM ---------- Previous post was at 06:25 PM ----------
Sorry, false alarm it's not remote code execution it sends a list of apps you have and sends it off to probably compare it to a repo.
EDIT: sorry for the false alarm, there's no permanent fix yet.
Still no luck even with reboots.
- added modules: magiskhide props config and unified hosts adblock
- reboot
- installed adaway
- hide magisk manager
- install santander
- force stop + clean santander data
- magisk hide -> santander
- updated hosts + blacklist with adaway
- reboot