Google Play Integrity API: Difference between revisions

The Play Integrity API is an API provided by [[Google]] for the [[Android]] Operating System that allows applications to verify the genuineness of the app's binary and Android version.<ref>{{Cite web |title=Overview of the Play Integrity API |url=https://developer.android.com/google/play/integrity/overview |archive-url=https://web.archive.org/web/20250607124755/https://developer.android.com/google/play/integrity/overview |archive-date=2025-06-07 |access-date=2025-06-10 |website=Android Developers}}</ref> It is the successor of the now deprecated SafetyNet Attestation API.<ref>{{Cite web |title=About the SafetyNet Attestation API deprecation |url=https://developer.android.com/privacy-and-security/safetynet/deprecation-timeline |website=Android Developers |archive-url=http://web.archive.org/web/20260127061745/https://developer.android.com/privacy-and-security/safetynet/deprecation-timeline |archive-date=27 Jan 2026}}</ref> It is part of [[Google Mobile Services]] (GMS). The API offers 4 device integrity labels, which are detailed in the table below.<ref>{{Cite web |title=Integrity verdicts |url=https://developer.android.com/google/play/integrity/verdicts#device-integrity-field |website=Android Developers |archive-url=http://web.archive.org/web/20260215112831/https://developer.android.com/google/play/integrity/verdicts |archive-date=15 Feb 2026}}</ref>  

Since the Play Integrity API relies on Google to certify devices, any apps requiring <code>MEETS_DEVICE_INTEGRITY</code> or <code>MEETS_STRONG_INTEGRITY</code> are only allowed on operating systems that Google allows. This allows Google to exert [[Monopoly|monopolistic]] power by not certifying competitors' operating systems, since many apps choose to use the Play Integrity API instead of the Key Attestation API that is built into Android.<ref>{{Cite web |title=Apps & Games need PI |url=https://xdaforums.com/t/4677050/ |url-status=live |archive-url=https://web.archive.org/web/20260321132210/https://xdaforums.com/t/apps-games-need-pi-list.4677050/ |archive-date=21 Mar 2026 |website=XDA Forums}}</ref><ref>{{Cite web |title=Verify hardware-backed key pairs with key attestation |url=https://developer.android.com/privacy-and-security/security-key-attestation |website=Android Developers |archive-url=http://web.archive.org/web/20260126145522/https://developer.android.com/privacy-and-security/security-key-attestation |archive-date=26 Jan 2026}}</ref>

*ChatGPT<ref>{{Cite web |title=PlayIntegrity Verification failed - ChatGPT / Bugs |url=https://community.openai.com/t/1267945 |archive-url=https://web.archive.org/web/20260321132214/https://community.openai.com/t/playintegrity-verification-failed/1267945 |archive-date=21 Mar 2026 |website=OpenAI Developer Community}}</ref><ref>{{Cite web |title=Question - ChatGPT error: Preauth Playintegrity verification failed |url=https://xdaforums.com/t/4737618/ |url-status=live |archive-url=https://web.archive.org/web/20260321132235/https://xdaforums.com/t/chatgpt-error-preauth-playintegrity-verification-failed.4737618/ |archive-date=21 Mar 2026 |website=XDA Forums}}</ref>

This has led to users being unable to use apps on privacy-focused forks of Android, like [[GrapheneOS]].<ref>{{Cite web |title=Wallet - Google Pay |url=https://discuss.grapheneos.org/d/475/ |website=GrapheneOS Discussion Forum |archive-url=http://web.archive.org/web/20250708193935/https://discuss.grapheneos.org/d/475/ |archive-date=8 Jul 2025}}</ref>