Certain banking apps and e-wallets refuse to start on custom ROMs. Unrooting doesn’t seem to help much. The issue seems to arise from “insecure” settings in the ROM’s properties file. To reconfirm you can use the Rootbeer app. I suspect many apps use their library to check for signs of root access.
Update May 2022: Someone has written a more detailed and updated guide on Reddit, based on this blog post.
If your ROM has “insecure” property settings, you can edit them to fully unroot the ROM via different properties files. For some ROMs this file is inside the boot image and you will need to extract and repack it. For other ROMs, like LineageOS, the boot image just includes a link to the /system partition and you can directly change that file.
These settings in default.prop can prevent banking apps from working:
ro.secure=0 # should be 1
ro.debuggable=1 # should be 0
If you are using LineageOS (or some related ROM) you can sometimes edit those values directly on /system:
$ mount -o rw,remount /system
$ nano /system/etc/prop.default
So much for the simple cases. If the properties file is located inside the boot image, you can follow those steps to unpack and update the boot image using a command line tool, magiskboot, that comes with Magisk.
1. Using the ADB tool on your computer, become root ๐
$ adb root
Magisk, find magiskboot, copy to phone and change permissions ๐
$ adb push Magisk-v19.3/arm/magiskboot /data/local/tmp
3. Shell into phone and find boot partition ๐
$ adb shell
$ ls -l /dev/block/platform/soc/*/by-name/
4. Dump boot partition ๐
cd /data/local/tmp
chmod 555 magiskboot
dd if=/dev/block/mmcblk0p21 of=boot.img
5. Unpack boot partition to current dir ๐
mkdir repack; cd repack
../magiskboot unpack ../boot.img
6. Dump default.prop, make necessary edits and re-add to ramdisk ๐
../magiskboot cpio ramdisk.cpio "extract default.prop default.prop"
nano default.prop # make required edits and save.
../magiskboot cpio ramdisk.cpio "add 750 default.prop default.prop"
7. Repack boot image and write to partition ๐
../magiskboot repack ../boot.img ../new-boot.img
dd if=new-boot.img of=/dev/block/mmcblk0p21
Resources ๐
- man page of Magisk tools: https://topjohnwu.github.io/Magisk/tools.html
- usage examples: https://github.com/topjohnwu/Magisk/blob/master/scripts/boot_patch.sh