SPIC (Simple Play Integrity Checker) is a user-friendly Android application designed to showcase the functionality of the Play Integrity API, along with the now-deprecated SafetyNet Attestation API. This app serves as a practical tool for developers and security enthusiasts interested in understanding and implementing these APIs.
With SPIC, users can evaluate the integrity verdict provided by these APIs directly on their device. Alternatively, the app allows for the verdict to be sent to a remote server for validation. Note that the remote server must be self-hosted at this time, as there is no official server provided for this purpose.
As an open-source project, SPIC offers transparency and community involvement. The source code for both the Android application and the server implementation is readily available on GitHub. You can access the Android app code at /herzhenr/SPIC-android and the server code at /herzhenr/SPIC-server.
By exploring SPIC, users gain insights into the practical application of Play Integrity and SafetyNet Attestation APIs, enhancing their understanding of device integrity and security measures in Android environments.
