Earlier in the week, it was reported that Netflix had adopted Google’s Widevine Digital Rights Management protocol in version 5.0 of its app, which prohibits non-Google certified devices, or those which have been rooted, from being able to download certain apps from the Play Store. However, recent reports suggest Netflix may not have utilized Widevine at all, but instead a new tool made available to all developers through the Google Play Console.
It’s called SafetyNet Attestation and, when enabled for an app’s Play Store listing, it prevents that software from being installed to devices not accounted for in Google’s Device Catalog, according to AndroidPolice. Rooted devices, as well as those with custom ROMs installed, would not pass certification, so they’d be unable to receive these apps.
Why has Google done this? Just like all DRM tools, it’s in the name of avoiding piracy. Android phones which have been rooted — a term that means you have modified the operating system to gain complete and unrestricted access to the file structure and inner workings — may make it easier for people to pirate shows and movies downloaded from Netflix. The company recently introduced mobile downloads through its app, making this more of a concern.
However, rooting an Android phone is popular among those who like to change the look of the software, change the ROM itself, uninstall pesky apps forced on you by carriers, and play around with the device’s performance. Developers also often have phones with root access to test apps. It takes some effort to root a phone, so if you’re not sure if your phone is rooted, then it probably isn’t.
There are exceptions. Some phones, particularly imported models, often have custom ROMs installed by the importers, and are therefore rooted when you buy them. If you own a Xiaomi, Meizu, Oppo, or any number of other popular import-only Chinese phones, this may include your device. For example, the official Netflix app does not show up at all in the Google Play Store on our imported Xiaomi Redmi Note 4X, although we have not changed the software ourselves.
While the existence of Widevine was discouraging for users of such devices, SafetyNet is potentially more limiting because it allows developers to effortlessly exclude them, with just the click of a drop-down menu in the Google Play Console.
Interestingly, however, employing SafetyNet in this manner doesn’t prevent rooted devices from being able to run the app in question — just their ability to download it from the Google Play Store. Which means you can still grab Netflix through third-party APK hosting sites, though that is hardly a perfect solution.
With SafetyNet Attestation, Google is, in effect, forcing users of rooted devices to go to potentially shady corners of the internet to download apps that have always been historically available to them. And that is a bit disconcerting, considering shoring up security on the platform has consistently been named one of the Android team’s foremost goals.
What is the solution? We’ve contacted Netflix for confirmation of the situation and asked if it has any advice for subscribers who may be affected by the app update. In the meantime, if this has you worried that you will miss the impending return of House of Cards, it is possible to unroot a mobile device, a process we explain here, and that should let you download the app from the Play Store again. This will not be applicable to everyone, though, ensuring that despite advances, DRM schemes have lost none of their ability to frustrate.
Article originally published on 05-15-2017 by Andy Boxall. Article updated on 05-19-2017 by Adam Ismail: Added news that Netflix may have employed SafetyNet Attestation, rather than Widevine.
