SafetyNetClient

Provides attestation results for the device.

An attestation result states whether the device where it is running matches the profile of a device that has passed Android compatibility testing.

When you request a compatibility check, you must provide a nonce, which is a random token generated in a cryptographically secure manner. You can obtain a nonce by generating one within your app each time you make a compatibility check request. As a more secure option, you can obtain a nonce from your own server, using a secure connection.

A nonce used with an attestation request should be at least 16 bytes in length. After you make a request, the response SafetyNetApi.AttestationResponse includes your nonce, so you can verify it against the one you sent. You should only use a nonce value once, for a single request. Use a different nonce for any subsequent attestation requests. For tips on using cryptography functions, see Security Tips .

Prompts the user to enable Verify Apps if it is currently turned off.

Initializes the Safe Browsing API.

This method must be called prior to calling lookupUri(String, String, int...) .

Determines whether Verify Apps is enabled.

Gets a list of known, potentially harmful apps installed.

Checks whether a URI is known to have specific threats.

Safely shuts down the Safe Browsing API, releasing a resources from the system.

This method should be called when the client is no longer using the API, which includes when the client's Activity is no longer visible.

Provides user attestation with reCAPTCHA.

If reCAPTCHA is confident that this is a real user on a real device it will return a token with no challenge. Otherwise it will provide a visual/audio challenge to attest the humanness of the user before returning a token.