As far as I know, two out of three people are currently using Android smartphones and also most probably all of them know what is Android rooting and what are rooting tools. Currently, there are a number of rooting tools that are frequently discussed over  Android communities and the internet. Perhaps you must have rooted you devise already now using one of them. However, let's explore Magisk in details which has a higher reputation over almost all of the Android communities and Andoird forums.

Android Rooting 


Actually, there is no need to describe Android rooting as it is beign discussed in everywhere frequently. But as a beginning to the main subject we are going to discuss here, let's take a quick glance at Android rooting. As you know Android is originally realised as Open-Source platform and any person who has knowledge about coding and customizations can modify and distribute it as a modified version of Android. That is why we are having a different operating system on different smartphones.

Smartphone manufacturers customize the pure Android system along with customized user interface according to their preferences and ship the customized version with their smartphone models. So, now you may understand that all of the Android users are using an Android version that came through the middleman. This middleman does not want to allow users to acess the system partition, where all the essential files and commands have been stored that responsible for the Android customizations.

So, no further customization are allowed than stock customizations. Simply, you may understand now, if you need to customize your device yourself or have it customized from another party, you need to acess the system partition. This process is called as Android rooting or getting root acess. As all the system files are saved in the root directory in the system partition, getting root acess is used.


Universal Rooting Techniques


Perhaps you must have thought there are a number of rooting techniques as you can find out a number of rooting tools in various names. But, actually, there are only two standard techniques for Android rooting. They are,

  • Exploiting  Android Vulnerabilities - Acess the system partition of the device using the weak security point of the Android kernel and place the Su binary file in the system partition to grant the acess for apps when needed. All the one-click rooting tool are based on this technique

  • Flashing Root Binaries In Custom recovery - In this method, users have to install custom recovery in contrast to stock recovery and flash root binaries in recovery mode to acess the root directory

Note: If you are a Samsung Galaxy user who is trying to root with Odin, you do not need to install custom recovery image on your device as Odin  is compatible with Odin download mode

Untold Story Of Magisk Root


Now, its time to navigate the topic. As far As I know, Magisk has become the most popular rooting solution by now. Can you guess why? Perhaps you may know that already now. Google Safetynet is the reason for the higher popularity of Magisk.

Let's find out why. When you root your device. it becomes less secure for a mobile application and makes a less secure environment for a mobile app. Although a rooted device is not highly unsecured, most of the device manufacturers do not allow users root smartphones. As rooting avoid the Google default security features and grant administrator privileges to a prohibited party (the user), the device becomes more exposure to malware and the user's personal become less secure.

Considering the seriousness of the issue, The Payment Card Industry Security Standards Council recommended implementing controls to ignore the Andoird devices with root privilages in its security guidelines for developers of mobile payment acceptance apps.

Also,  Federal Financial Institutions Examination Council about mobile financial services and security has adviced to financial institutions to educate their customers about the risk of using rooted or jailbroken device for their mobile services and also, if their services are allowed on a rooted or jailbroken device before rooting or jailbreaking. But Magisk can allow users to use financial apps on rooted devices. Let's see how.


Google SafetyNet


Google Safetynet comes with several services and APIs to protect apps from security threats, device tamperings, fake users, harmful apps and bad URLs.SafetyNet Attestation API which is available under Google SafetyNet APIs is used by app developers to inspect the Android devices that their apps are running on. App developers can use this API as a part of their abuse detection system to find out if their servers interacting with apps are running on genuine Android or modified Android. So, if an app is beign attested by its developers using Google Safetynet, it is not compatible with rooted Android devices.


How Does Magisk Bypass The Google SafetyNet


Magisk has been designed to root your Android device tampering the boot partition instead of the system partition. Since SafetyNet Attestation API designed to evaluate the runtime environment (Dedicated execution environment for application or software offered by the operating system), it cannot evaluate the boot partition. So, Magisk can safely bypass the test by hiding the root acess from the related banking or financial app.


Conclusion


Technically, Android rooting is not a secured method. But, users cannot avoid it as it is a very useful technique. Therefore, Magisk seems to be a good option to use both root privilages and SafetyNet secured apps at once.