News: Google's March Security Update Breaks Android Pay on Some Pixel & Nexus Devices

Google's March Security Update Breaks Android Pay on Some Pixel & Nexus Devices

Google's monthly Android security updates are generally welcome—at the very least, they provide a feeling of security that our device is now somewhat safer than it was 30 days ago. Vulnerability patches, slight enhancements to performance, and overall bug fixes are generally included in the monthly OTAs, but as it turns out, they're not always for the better.

Since the March OTA was pushed out last night, hundreds of Reddit users are reporting that Android Pay is no longer working due to a failed SafetyNet check. It started off with just a few people reporting the issue, but is currently picking up steam at an alarming rate, with multiple threads now actively discussing the topic.

Update, 3/10/17:

Google has removed the Nexus 6 OTA which was causing Android Pay to break. This indicates that Google is aware of the issue, and hopefully is working on a fix. An Issue Tracker on Google Code has also been opened, and the Project Member assigned to it has stated the following:

We have passed this defect on to the development team and will update this issue with more information as it becomes available.

So, if you were affected by the bad OTA on your Nexus 6, be sure to star the issue and follow for more details. The official Nexus Twitter account has also stated that they're aware of the issue.

The Current Situation

The exact reason for Android Pay breaking is still unknown. At this point, all we know for sure is that it has been breaking for those who have installed the March security patches. Reports on Reddit indicate that devices with the March security update don't pass the SafetyNet check that Android Pay relies on to ensure the device is secure enough for mobile banking.

The issue was first reported by tjharman, who has an unrooted Nexus 6 with a locked bootloader. The majority of affected users seem to have a Nexus 6, but there are a few Nexus 6P, Pixel, and Xiaomi Mi5 users reporting it as well. MichaelRahmani has shared an image of the results from his SafetyNet Test application.

SafetyNet failing on an unrooted device with a locked bootloader. Image by MichaelRahmani/Imgur

While the situation was developing, Google published an update to the Android Pay app on the Play Store, but this still didn't resolve the issue. We've reached out to Google for a comment on the situation, but have yet to receive a response. We'll update this post if and when we hear back.

What You Can Do if You're Affected

If you're among those affected by this bug, your options are fairly limited. The most passive approach would be to simply wait on Google to issue another update to fix the issue, but that could take as long as a month.

If you absolutely need to use Android Pay right now, but it's not working because of the March security update, your only other option would be to roll back your device's firmware by flashing the older factory images. We've covered that entire process in detail at the following link, so make sure to check it out if you're having problems with Android Pay.

Hot Deal: Set up a secure second phone number and keep your real contact details hidden with a yearly subscription to Hushed Private Phone Line for Android/iOS, 83%–91% off. It's a perfect second-line solution for making calls and sending texts related to work, dating, Craigslist sales, and other scenarios where you wouldn't want to give out your primary phone number.

Cover image by Dallas Thomas/Gadget Hacks (background by vedanti/Pexels)

Be the First to Comment

Share Your Thoughts

  • Hot
  • Latest