ATM Ingress is not availabale anymore in Playstore on devices not meeting Strong Integrity. Meaning that all devices with an unlocked bootloader will become useless for Ingress when the next update is forced. Pokemon Go is (so far) still possible.
I'm getting this today on a OnePlus 6 without root and LineageOS 21. I'm getting real tired of this wave of hostile software lately, but please rush it to Pokemon GO already so I can just ditch Google services once and for all. I know whoever decided this couldn't care less, but it's either I run LineageOS, or an outdated and insecure stock OxygenOS. Or hey, buy me a modern flagship with comparable hardware and I'll shut up. If I had any IAP I'd be a lot more loud.
I get [MEETS_BASIC_INTEGRITY], like I've been getting for months, and as-reported by others.
Edit: Laughable; not even outdated and insecure stock OxygenOS is good enough (see next post)
Well, even on stock OxygenOS 11.1.2.1, locked bootloader, and MEETS_STRONG_INTEGRITY; basically as official, pure, and as-hardened as I can get it, Ingress Prime is still marked as incompatible in Play Store. Guess I gotta borrow a DoD employee's phone for some Ingress :p
Come on, Ingress isn't a banking or medical app; what on earth is it doing with harder requirements than those? If you're trying to eliminate cheaters, congratulations, you've done the exact thing people have been warning about for years with DRM: you've affected a legitimate player. On a niche GPS game. What the heck is going on at Niantic? I can deploy a microG and GPS spoof set-up and bypass this today with even more fun, so all this is incompatibility is doing is inconveniencing me from playing legitimately.
This can happen if you're using a device with an unlocked bootloader, if there's malware on your device, or if you did not download the official Ingress app from the Google Play Store.
This statement is misleading.
While it is technically true that it CAN happen for these reasons, currently the vast majority of verdicts that do not include STRONG_INTEGRITY will be from legitimate users on older phones. As strong integrity requires hardware-backed attestation and Android 11+, there are many phones out there that will never pass it.
From the Android Docs on Play integrity:
Tip: The MEETS_STRONG_INTEGRITY label offers the highest resilience against attacks and circumvention because devices returning this label include a strong guarantee of integrity, such as hardware-backed proof of boot integrity. However, fewer devices return this label compared to the MEETS_DEVICE_INTEGRITY label so it is recommended to either use it as part of a tiered enforcement strategy or for specific use cases where you're confident that your users have newer devices running Android 11 (API level 30) or higher that will return strong integrity.
Please let someone from your team create a report for you on what part of your userbase is accessing Ingress from a device configuration that, with no fault other than being old, will never pass strong integrity.
It would be great if Ingress could actually enforce strong integrity without causing issues for legitimate users, but at this point it's not possible.
STRONG_INTEGRITY is easy; I literally have 4 random, free, very-non-flagship phones that all do it out-the-box, and even my far-older OnePlus 6 does STRONG_INTEGRITY. I have a feeling that phones that really can't do STRONG_INTEGRITY today can't run a heavy Unity game like Ingress anyway with performance most people would tolerate. 2 of these phones are sluggish-enough that I wouldn't even consider Ingress, and yet I can still do it :p
Prior to the Ingress app update recently (prior to gold icon), only one of these phones was able to see Ingress in Play Store. Now today all of them can!
Integrity API sounds interesting but it looks like they're also enforcing the Play Store guidelines for when support ends for an OS. This is implemented every August (and October):
New apps must target Android 13 (API level 33) or higher; except for Wear OS apps, which must target Android 11 (API level 30) or up to Android 13 (API level 33).
Existing apps must target API level 31 or above to remain available to users on devices running Android OS higher than your app's target API level
I'm running Graphene. Meets Basic but not Device. The Graphene crew are super hard up about hardware attestation stuff and not unlocking the bootloader, yet I'm still having it refuse to download mine, even though people are saying it's been fixed to no longer need strong. I don't know what's going on. Tried restarting my phone, no change, still can't download.
Edit: Graphene has a Hardware Attestation Compatibility Guide for a more general purpose attestation that the Play Integrity API kind of does, but isn't tied hard to Google Play. Can't post links, so searching that phrase should find it pretty easily.
Instead of requiring Strong the Play Store now still checks for both Basic and Device integrity. Unless the crew can get the phone a Device integrity certification you'll need to download updates via APKs.
This is actually BS. I'm running GrapheneOS which is significantly more secure than any other flavor of Android.
Unless Niantic is hoping to bleed off it's Ingress player base even further it's a tremendously bad move to try to get people who want to run security and privacy focused forks of android to move back to a version of Android that gives unreasonable root access to google. I already need to enable the google fast location server access to play this game on GrapheneOS which is a decent anti-cheat technique since the location is improved using cell tower IP's, but it comes at the trade off of privacy, which I'm willing to make to play ingress.
I've had to resort to hot spotting my Pixel 7pro, and playing ingress on my old arguably insecure Note 9 with a cracked screen.
Come on Niantic are you trying to **** Ingress? Also why is the word that starts with k - and ends will ill get censored when referring to deliberately retiring Ingress. That word has MANY contexts that are not a call to action, and shouldn't be censored.
Comments
Oh,and now i see Ingress is not available for my device in PlayStore. But works. Hmmm
ATM Ingress is not availabale anymore in Playstore on devices not meeting Strong Integrity. Meaning that all devices with an unlocked bootloader will become useless for Ingress when the next update is forced. Pokemon Go is (so far) still possible.
Those with a custom ROM can start whining.
Strong integrity is available only on phones with security chip.That means Ingress requirements on support page should be corrected.
I'm getting this today on a OnePlus 6 without root and LineageOS 21. I'm getting real tired of this wave of hostile software lately, but please rush it to Pokemon GO already so I can just ditch Google services once and for all. I know whoever decided this couldn't care less, but it's either I run LineageOS, or an outdated and insecure stock OxygenOS. Or hey, buy me a modern flagship with comparable hardware and I'll shut up. If I had any IAP I'd be a lot more loud.
I get [MEETS_BASIC_INTEGRITY], like I've been getting for months, and as-reported by others.
Edit: Laughable; not even outdated and insecure stock OxygenOS is good enough (see next post)
Well, even on stock OxygenOS 11.1.2.1, locked bootloader, and MEETS_STRONG_INTEGRITY; basically as official, pure, and as-hardened as I can get it, Ingress Prime is still marked as incompatible in Play Store. Guess I gotta borrow a DoD employee's phone for some Ingress :p
Come on, Ingress isn't a banking or medical app; what on earth is it doing with harder requirements than those? If you're trying to eliminate cheaters, congratulations, you've done the exact thing people have been warning about for years with DRM: you've affected a legitimate player. On a niche GPS game. What the heck is going on at Niantic? I can deploy a microG and GPS spoof set-up and bypass this today with even more fun, so all this is incompatibility is doing is inconveniencing me from playing legitimately.
Labels: [MEETS_BASIC_INTEGRITY, MEETS_DEVICE_INTEGRITY, MEETS_STRONG_INTEGRITY]
Build fingerprint: OnePlus/OnePlus6/OnePlus6:11/RKQ1.201217.002/2111252325:user/release-keys
Brand: OnePlus
Device: OnePlus6
Model: ONEPLUS A6003
TestId: dGVzdGluZy00ODY0MmVmNi01ZDg0LTRjMGEtYTBkZS01ZjA1MjRkMmYwMzY=
As i see from new release - similar bug with device integrity checks was solved,so this probably won't happen too. For now.
https://community.ingress.com/en/discussion/22554/2-138-1-cannot-download-ingress-with-basic-integrity#latest
This can happen if you're using a device with an unlocked bootloader, if there's malware on your device, or if you did not download the official Ingress app from the Google Play Store.
This statement is misleading.
While it is technically true that it CAN happen for these reasons, currently the vast majority of verdicts that do not include STRONG_INTEGRITY will be from legitimate users on older phones. As strong integrity requires hardware-backed attestation and Android 11+, there are many phones out there that will never pass it.
From the Android Docs on Play integrity:
Tip: The
MEETS_STRONG_INTEGRITYlabel offers the highest resilience against attacks and circumvention because devices returning this label include a strong guarantee of integrity, such as hardware-backed proof of boot integrity. However, fewer devices return this label compared to theMEETS_DEVICE_INTEGRITYlabel so it is recommended to either use it as part of a tiered enforcement strategy or for specific use cases where you're confident that your users have newer devices running Android 11 (API level 30) or higher that will return strong integrity.https://developer.android.com/google/play/integrity/overview#have-tiered
Please let someone from your team create a report for you on what part of your userbase is accessing Ingress from a device configuration that, with no fault other than being old, will never pass strong integrity.
It would be great if Ingress could actually enforce strong integrity without causing issues for legitimate users, but at this point it's not possible.
STRONG_INTEGRITY is easy; I literally have 4 random, free, very-non-flagship phones that all do it out-the-box, and even my far-older OnePlus 6 does STRONG_INTEGRITY. I have a feeling that phones that really can't do STRONG_INTEGRITY today can't run a heavy Unity game like Ingress anyway with performance most people would tolerate. 2 of these phones are sluggish-enough that I wouldn't even consider Ingress, and yet I can still do it :p
Prior to the Ingress app update recently (prior to gold icon), only one of these phones was able to see Ingress in Play Store. Now today all of them can!
I wasn't aware SafetyNet was depreciated 🤔
Integrity API sounds interesting but it looks like they're also enforcing the Play Store guidelines for when support ends for an OS. This is implemented every August (and October):
New apps must target Android 13 (API level 33) or higher; except for Wear OS apps, which must target Android 11 (API level 30) or up to Android 13 (API level 33).
Existing apps must target API level 31 or above to remain available to users on devices running Android OS higher than your app's target API level
I'm running Graphene. Meets Basic but not Device. The Graphene crew are super hard up about hardware attestation stuff and not unlocking the bootloader, yet I'm still having it refuse to download mine, even though people are saying it's been fixed to no longer need strong. I don't know what's going on. Tried restarting my phone, no change, still can't download.
Edit: Graphene has a Hardware Attestation Compatibility Guide for a more general purpose attestation that the Play Integrity API kind of does, but isn't tied hard to Google Play. Can't post links, so searching that phrase should find it pretty easily.
Instead of requiring Strong the Play Store now still checks for both Basic and Device integrity. Unless the crew can get the phone a Device integrity certification you'll need to download updates via APKs.
Labels: [MEETS_BASIC_INTEGRITY]
Build fingerprint: motorola/lisbon_retaile/lisbon:12/S3RLS32.114-25-13/cdb96c:user/release-keys
Brand: motorola
Device: lisbon
Model: moto g(60)s
TestId: dGVzdGluZy0xNzRkYWQzMi0xN2FmLTRjMTYtYmM2Zi1hZmExYjA5MDg4MTc=
Not sure if this works? Or if my phone's too old..
Samsung Note 9
The game launches if I am connected to WIFI, and I restart a couple of times. If I try to do it on Cellular it Fails with a failure to authenticate.
Labels: [MEETS_BASIC_INTEGRITY, MEETS_DEVICE_INTEGRITY, MEETS_STRONG_INTEGRITY]
Build fingerprint: samsung/crownqltesq/crownqltesq:10/QP1A.190711.020/N960USQU9FVG2:user/release-keys
Brand: samsung
Device: crownqltesq
Model: SM-N960U
TestId: dGVzdGluZy1iNjAyZWFiYi05Y2ZmLTRmYzktOTNmMy00YzM0MTg1YTA2MzM=
This is actually BS. I'm running GrapheneOS which is significantly more secure than any other flavor of Android.
Unless Niantic is hoping to bleed off it's Ingress player base even further it's a tremendously bad move to try to get people who want to run security and privacy focused forks of android to move back to a version of Android that gives unreasonable root access to google. I already need to enable the google fast location server access to play this game on GrapheneOS which is a decent anti-cheat technique since the location is improved using cell tower IP's, but it comes at the trade off of privacy, which I'm willing to make to play ingress.
I've had to resort to hot spotting my Pixel 7pro, and playing ingress on my old arguably insecure Note 9 with a cracked screen.
Come on Niantic are you trying to **** Ingress? Also why is the word that starts with k - and ends will ill get censored when referring to deliberately retiring Ingress. That word has MANY contexts that are not a call to action, and shouldn't be censored.