Tutorial Installing Magisk and Play Integrity Fix

[andrewdai]

Oh, you poor thing, you don't have to "spend time". Only we do, I guess.
Seriously, I don't see the point of your comments. Back to stock? Good for you, why brag about it on a custom ROM forum?

No bragging indeed. It is about being frustrated, that I can't see developers winning this game...

Google will not let stock non-root ROM with unlocked bootloader work - tried it and got CTS profile mismatch. They have the option to only allow devices with Strong Integrity work with GPay. If that is case, all bets are off.

 

[Igor Eisberg]

No bragging indeed. It is about being frustrated, that I can't see developers winning this game...

Google will not let stock non-root ROM with unlocked bootloader work - tried it and got CTS profile mismatch. They have the option to only allow devices with Strong Integrity work with GPay. If that is case, all bets are off.

I try not to overthink issues I have no control over. It's healthier that way.

 

[AsadP]

No bragging indeed. It is about being frustrated, that I can't see developers winning this game...

Google will not let stock non-root ROM with unlocked bootloader work - tried it and got CTS profile mismatch. They have the option to only allow devices with Strong Integrity work with GPay. If that is case, all bets are off.

Not in my case and many others.. their Xiaomi.EU inject works PERFECTLY on my unlocked BL Poco F5 and I can pay with GPay.

Needs basic AND device integrity not Strong

 

[VFLOSNA]

From yesterday night my device is not certified it was ok all,
Xiaomi 11
Pif yesterday flash 14,5
Magisk kitsune
Deny list for Google and bank
Zygisk enabled
Shamikon 0.75
Lsposed


Are that again down ?

 

[Silvio1953]

From yesterday night my device is not certified it was ok all,
Xiaomi 11
Pif yesterday flash 14,5
Magisk kitsune
Deny list for Google and bank
Zygisk enabled
Shamikon 0.75
Lsposed


Are that again down ?

No, everything is ok here.
Redwood+ magisk+ Xiaomieumodule+shamiko
Device is certified and meet basic + device.
I had problems with PIF and resolved them with xiaomieuinject.apk

 

[AsadP]

From yesterday night my device is not certified it was ok all,
Xiaomi 11
Pif yesterday flash 14,5
Magisk kitsune
Deny list for Google and bank
Zygisk enabled
Shamikon 0.75
Lsposed


Are that again down ?

Download latest inject apk

 

[Ruchval]

I see there is a new inject version from 18th December.

I never did it work correctly, I not sure what I'm missing.

Poco f2 pro
Magisk (1 module only, systemless hosts, used to have pif but disabled and deleted though magisk interface)
Deny list (see screenshot)

Magisk is not hidden
Xiaomi.eu latest
Inject apk latest.

When I update the inject, which are the steps to follow?
I do reboot, clean wallet and play services data

What I am missing?
Thanks a lot.

 

[ekzeshka]

What I am missing?

you need to hide magisk from gms and gms.unstable (see screenshot in the first post)

 

[VFLOSNA]

Download latest inject apk

Working now thk

 

[Ruchval]

you need to hide magisk from gms and gms.unstable (see screenshot in the first post)

Updated (reinstalled) the xiaomi.eu injectApk
Added GMS and GMS.UNSTABLE
Deleted data from Wallet and Play Store
reboot

Passes Basic
Passes CTS Profile Match
Evaluation Type: BASIC

Meets_device_integrity (yellow)
Play Recognized

But I have the I CANT PAY contactless when opening wallet

 

[AsadP]

Updated (reinstalled) the xiaomi.eu injectApk
Added GMS and GMS.UNSTABLE
Deleted data from Wallet and Play Store
reboot

Passes Basic
Passes CTS Profile Match
Evaluation Type: BASIC

Meets_device_integrity (yellow)
Play Recognized

But I have the I CANT PAY contactless when opening wallet

Sometimes it takes longer than usual for it to pick up and start working.
From then on, whilst been updating INJECT APK it's met device integrity and Pay has worked after straight away.

 

[Ruchval]

Sometimes it takes longer than usual for it to pick up and start working.
From then on, whilst been updating INJECT APK it's met device integrity and Pay has worked after straight away.

Do you mean that i need to keep cleaning data from wallet from time to time?
Or it will work eventually?

 

[AsadP]

Do you mean that i need to keep cleaning data from wallet from time to time?
Or it will work eventually?

I do it after every inject update, and it works - I reboot just because.. why not xD

 

[ekzeshka]

Meets_device_integrity (yellow)

You're all good. Clear gms data or wait ~24 hours and payments will work.

 

[Ruchval]

You're all good. Clear gms data or wait ~24 hours and payments will work.

I could pay this morning!
Thanks a lot!

 

[diegoviti]

IMPORTANT
I have managed to pay without updating the inject apk. We all know that it is a bit tedious to update the apk every two days. How have I achieved it? First, I'm not sure it always works because I've only done it once and I don't know if it's because it hasn't connected to Google's servers. When you pass the device and basic verification, what I have done is deny the WiFi and 5G permission to the wallet application and it has let me pay without problems. Just before paying I passed the verification in the integrity check app and it did not pass. But having done this when it worked I managed to pay. Try and tell me

 

[zgfg12]

IMPORTANT
I have managed to pay without updating the inject apk. We all know that it is a bit tedious to update the apk every two days. How have I achieved it? First, I'm not sure it always works because I've only done it once and I don't know if it's because it hasn't connected to Google's servers. When you pass the device and basic verification, what I have done is deny the WiFi and 5G permission to the wallet application and it has let me pay without problems. Just before paying I passed the verification in the integrity check app and it did not pass. But having done this when it worked I managed to pay. Try and tell me

That will work only untill the last PI attestation cached by Wallet expires

This caching has already been discussed. I think it can last for up to 24 hours. At three occasion I was paying by Wallet (but only paying, not opening/provoking the Wallet to test can I still add the card) half a day after Google banned the previous spoofs, but next morning it stopped working

So if your Wallet cached last attestation just before Google banned the previous spoofs, you could maybe continue paying (without updating the spoofs) for up to 24 hours, but not indefinitely

 

[diegoviti]

That will work only untill the last PI attestation cached by Wallet expires

This caching has already been discussed. I think it can last for up to 24 hours. At three occasion I was paying by Wallet (but only paying, not opening/provoking the Wallet to test can I still add the card) half a day after Google banned the previous spoofs, but next morning it stopped working

So if your Wallet cached last attestation just before Google banned the previous spoofs, you could maybe continue paying (without updating the spoofs) for up to 24 hours, but not indefinitely

Okay, it makes sense. Thanks for the praise

 

[kenhill]

Howdy folks! New here, please accept my sincerest apologies I might not have read every last comment in this here 26 page megathread.

Got my 11 pro to work again by installing TWRP (I believe you pros call it a "dirty flash"), upgrading from miui 13 to 14 and then following the systems recommendations on the PIF, resetting all the apps mentioned in the first post. Now, as I read, this seems to become a cat and mouse game between Google and the smart hackers at xiaomi.eu, in any case, it keeps stopping to work every two days and I have to install yet another apk, clear all the apps, re-add all my cards... Is there a simpler way? To be perfectly honest, I am no pro, and installing TWRP and all that was already pretty much stretching my limits... Thanks for your help!

 

[ekzeshka]

clear all the apps, re-add all my cards... Is there a simpler way? To be perfectly honest, I am no pro, and installing TWRP and all that was already pretty much stretching my limits... Thanks for your help!

You don't have to clear anything. Just update apk and you're good.
Simpler way? No.
But if you can root your device using magisk or kernelsu, get a working fingerprint from an old device (the hardest part) and then spoof it using a module, you can forget about updating it every couple of days (until Google bans this too ofc, but it's been almost a month and my print is working perfectly)
Read here: https://xiaomi.eu/community/threads/installing-magisk-and-play-integrity-fix.70553/post-708426

 

[kenhill]

You don't have to clear anything. Just update apk and you're good.


That doesn't do it for me. Installing the apk alone still leads to the "device doesn't meet security standards" error. Need to reset them all and reboot. Hence my question... Thank you for the other option, I'm fearful this just gets me deeper into a rabbit hole of more issues I know nothing about

 

[ekzeshka]

That doesn't do it for me. Installing the apk alone still leads to the "device doesn't meet security standards"

Just wait and it will be gone after the next check of google play services.
As for the other thing: it's not harder than installing twrp for the first time actually. Once you understand how it works, it really isn't hard.

 

[zgfg12]

FYI, Play Integrity Next - a new fork of PIF:

GitHub - daboynb/PlayIntegrityNEXT

Contribute to daboynb/PlayIntegrityNEXT development by creating an account on GitHub.

github.com

He has a script on GitHub that first fetches a link for the latest XiaomiEUModule.apk from Xiaomi.eu SourceFourge.Net

The script downloads the injector apk, extracts and finds inside the latest hardcoded prints

The script then creates the PIF JSON and saves to GitHub


On the user side, user installs an app together with his PI Next module

That app looks to his GitHub link and downloads and installs from there the latest PIF JSON file that his server side script had created with the same latest prints from the Xiaomi.eu injector

 

[nplong]

I never did it work correctly, I not sure what I'm missing.

K30 Pro zoom
Magisk with Play Intergrity Fix 14.8 module
Denylist: Google Play services gms and gms.unstable

Magisk is hidden
Xiaomi.eu latest 14.0.5.0.SJKCNXM stable
Inject apk latest 20.12.2023.

I did reboot, clean play services / framework data.

What I am missing?
Thanks a lot.

 

[ekzeshka]

Play Intergrity Fix 14.8 module

Starting with version 14.7 chiteroman's PIF no longer includes a fingerprint. You have to find one yourself.
If you want to use a "public" fingerprint, switch to xiaomieu inject app (don't forget to hide gms and gms.unstable system processes in your magisk if you choose that), or use playintegritynext module + their apk.