Local-only device integrity detection APIs for detecting rooted (Android) or jailbroken (iOS) devices.
These checks are local and bypassable. For hardware-backed, server-verifiedDevice Attestation API — an opt-in package that complements these checks: use local detection as a fast offline pre-filter and attestation as the gate your server trusts.
attestation (Play Integrity / App Attest), see the
These APIs perform local detection only (file system checks, package detection, etc.) without any server-side verification. They're commonly used as one layer of defense in:
:::warning Limitations All detection methods are local-only and can be bypassed by sophisticated tools (Magisk + Shamiko, RootHide, PlayIntegrityFix, etc.).
isDeviceCompromised()Synchronously checks if the device is rooted (Android) or jailbroken (iOS).
Returns: true if device is compromised, false otherwise
Performance: <50ms
Emulator Policy: Returns false on emulators/simulators for development convenience.
verifyDeviceIntegrity()Asynchronous wrapper for device integrity verification.
Returns: Promise resolving to true if device is rooted/jailbroken
Performance:
isDeviceCompromised())Platform Differences:
isDeviceCompromised(). This additional check can detect OpenSSH installed by jailbreak tools.isDeviceCompromised(), provided as async wrapper for API consistency.Emulator Policy: Returns false on emulators/simulators.
| Method | Priority | Description |
|---|---|---|
| su binaries | High | /system/xbin/su, /system/bin/su, /sbin/su, etc. |
| Magisk | High | /data/adb/magisk, Magisk Manager package |
| KernelSU | High | /data/adb/ksu, KernelSU Manager package |
| APatch | High | /data/adb/apatch, APatch Manager package |
| Busybox | Medium | /system/xbin/busybox |
| Build props | Medium | ro.debuggable=1, ro.secure=0, test-keys |
| Superuser apps | Low | Legacy SuperSU, Superuser.apk |
| Method | Description |
|---|---|
| Jailbreak apps | Cydia, Sileo, Zebra, Installer 5 |
| URL schemes | cydia://, sileo://, zbra://, filza:// |
| System file write | /private/jailbreak.txt write test |
| DYLD injection | MobileSubstrate, libhooker, TweakInject |
| Symbolic links | /Applications, /Library/Ringtones |
| SSH ports | Port 22 (OpenSSH), Port 44 (checkra1n) |
| API | iOS | Android |
|---|---|---|
isDeviceCompromised() |
✅ | ✅ |
verifyDeviceIntegrity() |
✅ (+ SSH scan) | ✅ (async wrapper) |
false