Apparently Google Starts warning users of custom ROMs, requires white listing for Play Services usage

Has anyone come across those warnings described at XDA? https://www.xda-developers.com/google-blocks-gapps-uncertified-devices-custom-rom-whitelist/

It seems Google starts warning users with Customs ROMs or uncertified devices that have the play store installed and requires white listing the devices to continue using play services.

2 Likes

Thanks for pointing this out … doesn’t seem like it arrived on my LineageOS + Open GApps installation yet, but I will have a look at the Play Store more often now. Or perhaps the Google services will prompt me upon boot somewhen? I’ll just see.

At the moment I don’t see much of a problem with white listing the device as long as Google allows custom ROMs to run Google Apps that way … Google’s Apps, Google’s terms, still my decision to comply or dump Google.

Edit: Ok, the “uncertified” status is displayed already in the Play Store settings at least.

Edit2: Here’s the registration page you get at https://g.co/AndroidDeviceRegistration after signing in with your Google account …

For the “Android ID” you have to enter your IMEI, you can find that in Settings - About phone - Status - IMEI information or by dialing *#06# (displays the IMEI for both SIM slots, I guess you have to use the one you use for data, or you could register both, Google currently allows registering up to 100 devices per user).
After you hit “Register”, the page will display the registered IMEI right below the input field, so you can see it got acknowledged.

3 Likes

Interesting, thanks for sharing. I don’t have a custom rom atm. :smiley:

I like that they mention custom ROMs explicitly and provides an exception for it. I kind of understand the reasoning behind this security warning.

1 Like

If I understand the implications of the article linked in the first post, this allows GApps to still run on custom roms by basically ignoring CTS profile mismatches. I wonder whether this has implications for for the other SafetyNet features - seems people have put in quite some effort to bypass this in the past. Does registering basically mean you’ll always fail those device checks, but that google allows you to run it’s own apps (for now) and leave the decision for other apps over to the developers of those apps?

Thanks for the post.

Are you sure that the Android ID is the IMEI?

Anyway, I hope, they will keep the option to white list any device, my FP is running better with LineageOS than the FPos.

1 Like

There is a number-y thing mostly called Android Device ID you can get via adb or via an App that shows it to you, that’s what I tried first, but that isn’t what Google wants there, entering that ID will only give an error message.

Registering the IMEI works.

2 Likes

Yes indeed.
Only IMEI works.
Thanks.

You were fullr correct, as indicated by XDA:

Were you, like everyone else, having trouble registering your Android ID on the uncertified device registration page? You’re not alone. Apparently, it’s not looking for the “Android ID” despite what it says. Instead, it accepts your IMEI

Also, it seems it’s only required when root is activated.

So, to resume: in the future we may be required to enter here the IMEI of our phone to be able to use the Google apps with LienageAgeOS (custom rom) + root access.

1 Like

Another update at XDA …

“Apparently, the real number it is looking for is the GSF Device ID. More details on that here.”

Google updated the registering form, too … it now says “GFS Android ID” instead of “Android ID” earlier.

So you have to read out the Google Service Framework ID, convert it to decimal if you got it in hexadecimal and register that decimal number. Works for me so far, like the IMEI did.

I’m curious now whether all this actually helps in the end. My Google Play Store still says uncertified even after rebooting, but that could still be working as intended, as my device is by definition uncertified, it is only registered on a white list now (hopefully).

I should prepare to dump the Google stuff for safety’s sake, I only use the Play Store for convenience anyway :slight_smile: …

Yes indeed, both IMEI and GFS are working for me as well.

I don’t think you should expect the Playstore to indicate your device as “certified” but just to be able to use the PlayStore.

In the german thread about this topic @phonefrog asked an (at least for me) important question:

I wonder what will happen to Yalp Store? At the moment it seems to work.

For those who don’t know: Yalp Store lets you download apk’s directly from the Play Store with a fake G$$gle-account. The app is only ~1MB large and doesn’t have any dependencies.

For me it would be a major problem if they somehow manage to block Yalp Store, since then I’d have to download my apps manually via e.g. APKMirror.

2 Likes

Interesting info for me. I never used this mirror. How safe (malware, advertisments) would you think is APKmirror?

1 Like

I don’t know it too well, but I think I can remember that someone told me it is one of the best apk sites out there.
But I cannot guarantee for anything :wink:

2 Likes

This topic was automatically closed after 183 days. New replies are no longer allowed.