Google's monthly Android security updates are generally welcome—at the very least, they provide a feeling of security that our device is now somewhat safer than it was 30 days ago. Vulnerability patches, slight enhancements to performance, and overall bug fixes are generally included in the monthly OTAs, but as it turns out, they're not always for the better.
Since the March OTA was pushed out last night, hundreds of Reddit users are reporting that Android Pay is no longer working due to a failed SafetyNet check. It started off with just a few people reporting the issue, but is currently picking up steam at an alarming rate, with multiple threads now actively discussing the topic.
Google has removed the Nexus 6 OTA which was causing Android Pay to break. This indicates that Google is aware of the issue, and hopefully is working on a fix. An Issue Tracker on Google Code has also been opened, and the Project Member assigned to it has stated the following:
We have passed this defect on to the development team and will update this issue with more information as it becomes available.
The exact reason for Android Pay breaking is still unknown. At this point, all we know for sure is that it has been breaking for those who have installed the March security patches. Reports on Reddit indicate that devices with the March security update don't pass the SafetyNet check that Android Pay relies on to ensure the device is secure enough for mobile banking.
The issue was first reported by tjharman, who has an unrooted Nexus 6 with a locked bootloader. The majority of affected users seem to have a Nexus 6, but there are a few Nexus 6P, Pixel, and Xiaomi Mi5 users reporting it as well. MichaelRahmani has shared an image of the results from his SafetyNet Test application.
While the situation was developing, Google published an update to the Android Pay app on the Play Store, but this still didn't resolve the issue. We've reached out to Google for a comment on the situation, but have yet to receive a response. We'll update this post if and when we hear back.
If you're among those affected by this bug, your options are fairly limited. The most passive approach would be to simply wait on Google to issue another update to fix the issue, but that could take as long as a month.
If you absolutely need to use Android Pay right now, but it's not working because of the March security update, your only other option would be to roll back your device's firmware by flashing the older factory images. We've covered that entire process in detail at the following link, so make sure to check it out if you're having problems with Android Pay.