Immediately after the launch of the Huawei Mate 30 Pro, we showed how easy it was to install Google apps on the device, despite the phone not being legally allowed to have them in the first place. The app responsible for this, LZPlay, has now been taken down, following the release of a detailed explanation of the security backdoor used to install Google apps on the Huawei Mate 30 Pro.
For those who haven’t been following along, the Mate 30 Pro is the first Huawei flagship to release following their ban from producing devices with Google Play certification. This ban was very quickly bypassed by installing and running one single application sourced from a Chinese website.
This morning, John Wu, one of Android’s leading security researchers and the creator of Magisk, released his preliminary research into how the — admittedly, somewhat sketchy — LZPlay app was able to install Google apps on the Huawei Mate 30 Pro.
According to Wu, LZPlay uses some specialized Android permissions found only in Huawei phones, including the permission to install other apps as “system” apps. This was necessary because some Google apps are required to be system apps and the Huawei Mate 30 Pro was not allowed to have the usual “stubs” of Google apps.
Reportedly, these permissions can only be granted by apps that are digitally signed by Huawei, and for an app to be granted this signature, typically its code must go through a rigorous review process. Even more interestingly, of the special permissions granted, two of them aren’t even documented, which is a suspicious proposition.
While there’s no way to know how these various aspects were bypassed, it’s since become clear that the information was not meant to get out. Just hours after John Wu shared his research, LZPlay.net was taken offline, and previously downloaded copies of their APK no longer function as expected.
The bizarre story doesn’t end there, though. Alex Dobie of Android Central has noted that since LZPlay was taken down, Mate 30 Pro phones that already had Google apps installed no longer pass SafetyNet tests. SafetyNet, as you may recall, is Google’s way of making sure a device is valid, secure, and not rooted.
Soooo uhh this is new.
Since today's developments, Mate 30 Pro now fails SafetyNet. Last week it passed.
What the what pic.twitter.com/fPeaWUHD2v
— Alex Dobie (@alexdobie) October 1, 2019
Passing SafetyNet tests is one of the requirements to be able to use Google Pay, and our Damien Wilde demonstrated just days ago that Google Pay was working on his Mate 30 Pro after using LZPlay. Clearly, something has changed either in the SafetyNet process or on the Mate 30 Pro that is now causing the tests to fail.
With the tests now failing, Damien has found that Google Pay no longer works on his Huawei Mate 30 Pro.
So as per @alexdobie original tweet. Failed CTS check = no more Google Pay working. So I tested.
But considering this was working less than 2 days ago, this is not good. pic.twitter.com/0E8pGNtY97
— Damien Wilde (@iamdamienwilde) October 1, 2019
The main takeaway for most of us is that if you haven’t installed Google apps on the Mate 30 Pro by now, you’re likely out of luck until the US and China settle their ongoing dispute. Considering the Mate 30 Pro hasn’t properly gone on sale outside of China yet, that essentially means everyone but tech reviewers who got their units early will be stuck waiting.
More on Huawei Mate 30:
- Huawei Mate 30 Pro hands-on: Attempting to bridge the GApp [Video]
- [Update: Nope] Huawei confirms bootloader unlock for Mate 30 Pro
- This is how easy it is to get Google apps on the Huawei Mate 30 Pro [Video]
- Google says Huawei Mate 30 can’t be sold w/ Android or Google apps
FTC: We use income earning auto affiliate links. More.