Google has discontinued SafetyNet, replacing it with Play Integrity API, making it more difficult for rooted devices and custom ROM users to pass security checks. The PlayIntegrityFork module helps bypass Play Integrity restrictions, ensuring that apps reliant on these checks function correctly.
This guide explains how to download, install, configure, and troubleshoot PlayIntegrityFork for Magisk users.
Table of Contents
Features of PlayIntegrityFork
- Bypasses Play Integrity checks, fixing MEETS_DEVICE_INTEGRITY failures
- Supports Magisk (Zygisk), KernelSU, APatch, and Zygisk Next
- Injects spoofed values only for Google Play Services DroidGuard
- Allows custom configuration via
custom.pif.jsonfor precise control - Automatically converts older configurations to the latest format
- Futureproof design to adapt to Google’s evolving security restrictions
Requirements
Before installing PlayIntegrityFork, ensure you meet the following requirements:
- Root access on your device
- Magisk with Zygisk enabled OR KernelSU/APatch with Zygisk Next
- Google Play Services must NOT be in Magisk DenyList (to prevent conflicts)
Developer Background
PlayIntegrityFork is based on kdrag0n’s Universal SafetyNet Fix (USNF) and ProtonAOSP but differs by offering a long-term adaptable spoofing method.
Unlike old SafetyNet fixes, this module does not rely on static fingerprints, ensuring greater flexibility for Play Integrity spoofing. Users can adjust the spoofed properties through custom configuration files, making it adaptable when Google updates security checks.
Download PlayIntegrityFork Module
The latest version of PlayIntegrityFork can be downloaded from GitHub:
Download PlayIntegrityFork Module
Always use the newest release to ensure compatibility with Play Integrity updates.
Installation Guide
Step-by-Step Installation Guide for Magisk Users
- Download the latest PlayIntegrityFork ZIP file from GitHub.
- Open Magisk, navigate to the Modules section.
- Select Install from Storage, then choose the downloaded ZIP file.
- Allow installation to complete, then reboot your device.
Once installed, PlayIntegrityFork should automatically apply the necessary spoofing adjustments.
How to Fix Play Integrity & SafetyNet Failures
1. Fixing BASIC_INTEGRITY Failures
- Disable all other Magisk modules and test PlayIntegrityFork alone.
- Avoid conflicting modules such as font injection or Xposed-based modifications that interfere with Play Integrity.
2. Fixing DEVICE_INTEGRITY Failures (KernelSU/APatch Users)
- Disable Zygisk Next, then reboot your device.
- Re-enable Zygisk Next, then reboot again.
- If using a custom kernel, check whether it’s on the banned kernel list by running:
adb shell uname -r3. Fixing DEVICE_INTEGRITY Failures (Custom ROM Users)
- Check ROM signing keys using:
adb shell unzip -l /system/etc/security/otacerts.zip- If signed using AOSP testkey, inform your ROM maintainer to sign the builds with private keys.
- If your ROM has signature issues, use the spoofing options in PlayIntegrityFork’s advanced settings.
4. Fixing Play Store & Google Wallet Issues
- Reflash PlayIntegrityFork in Magisk.
- Clear cache and data for the following apps:
- Google Play Services (
com.google.android.gms) - Google Play Store (
com.android.vending) - Google Wallet/Google Pay (
com.google.android.apps.walletnfcrel) - Reboot your device and wait up to 24 hours for Play Services to register the changes properly.
5. Action Button Not Triggering Spoofing Updates
After module installation, users should see an Action Button in their root manager app. Clicking this button will automatically apply the necessary spoofing configurations. If you do not see the expected changes after clicking the button, try the following:
- Reboot your device after clicking the Action Button.
- Ensure your root manager supports module actions.
- Check module logs using:
adb shell "logcat | grep 'PIF/'"Advanced Configuration – Using custom.pif.json
Users can manually control spoofed values using the custom.pif.json file. While this happens automatically via the Action Button, advanced users may still need manual customization.
Generating a custom.pif.json file manually:
- Open a root shell (
su) and navigate to the module folder:
cd /data/adb/modules/playintegrityfix- Run the following command to generate a preview fingerprint:
sh autopif2.sh --preview- Modify the generated values as needed before applying them.
This ensures greater flexibility when adjusting Play Integrity checks over time.
Check this also: Magisk Alpha
FAQs
The module fixes MEETS_DEVICE_INTEGRITY but does not bypass all security checks Google may introduce in the future. Users should monitor updates for compatibility adjustments.
Yes. If Google Play Services (com.google.android.gms) is in DenyList, PlayIntegrityFork will not work properly. Remove Play Services from DenyList to prevent interference.
Run the following command after boot to check module logs: adb shell "logcat | grep 'PIF/'"
1. Ensure custom.pif.json has valid spoofed values.
2. Disable conflicting modules such as Xposed-based tweaks.
3. If on a custom ROM, check whether AOSP testkey is causing failure.
4. If problems persist, consult the GitHub repository discussions for solutions.
Conclusion
With SafetyNet removed, PlayIntegrityFork provides the best method for maintaining Play Integrity compatibility on rooted devices. By following this guide, users can install, troubleshoot, and ensure apps reliant on Play Integrity checks remain functional.
(com.google.android.apps.walletnfcrel)(com.android.vending) adb shell unzip -l /system/etc/security/otacerts.zip adb shell uname -r