YinkoShield

knowledge center / theme 02

checkpoint architectures

What today's checkpoint substrates prove — mapped accurately.

Play Integrity, App Attest, EMV, FIDO2, SafetyNet legacy, behavioural biometrics, hardware attestation. Each article starts from primary sources — vendor documentation, RFCs, EMVCo books, FIDO Alliance specifications — and describes what the substrate proves, the window in which it proves it, and the boundary it explicitly leaves to other layers.

7 articles · technical reference · cite as published

seven substrates · what each proves and where it stops

Each row reads as a contract: what the substrate signs, the window in which the signature is meaningful, and the boundary it draws around what other layers must cover.

| substrate | what it proves | window | leaves to other layers |
| --- | --- | --- | --- |
| Play Integrity | device + app + account integrity at API call | point-in-time, per call | runtime trajectory between calls |
| App Attest / DeviceCheck | attested key on device + per-call signed assertion | per-assertion | what the app did between assertions |
| EMV / EMV 3DS | credential authenticity at rail; descriptive device data at 3DS init | transaction (rail) + auth-init (3DS) | device-side flow producing the inputs |
| FIDO2 / passkeys | private-key control + user verification + challenge | per-assertion | transaction body, unless a tx-confirm extension is in use |
| SafetyNet (legacy) | device profile match + CTS-compatibility (deprecated) | point-in-time, per call | succeeded by Play Integrity from May 2024 |
| Behavioural biometrics | session-level behavioural similarity to a learned baseline | session window with decay | binding to a specific transaction body |
| Hardware attestation | key + device certified by a chain rooted in vendor CA | per-key, durable across calls | what the runtime did with the attested key |

how this theme is written

Each article is written so that an engineer who builds with the substrate would read it and recognise their work. Play Integrity, App Attest, FIDO2, and the rest prove what they prove. The unobserved interval — covered in the prior theme — is what these substrates explicitly leave to other layers, by design. Credibility comes from accuracy.

articles in this theme

type · depth · audience
  1. 01 · 2025·10
    explainer entry security developer architect

    Play Integrity verdict semantics

    What MEETS_BASIC_INTEGRITY, MEETS_DEVICE_INTEGRITY, and MEETS_STRONG_INTEGRITY actually mean. Verdict freshness, quota, and deprecation history.


  2. 02 · 2025·11
    explainer entry security developer

    Apple App Attest and DeviceCheck — the attestation/assertion split

    Attestation versus assertion. The per-call assertion model. Where DeviceCheck and App Attest each fit and what each provides cryptographically.


  3. 03 · 2025·11
    explainer intermediate security regulatory

    EMV credential authentication and EMV 3DS device-data scope

    What EMV proves at the rail. What EMV 3DS 2.x device-data fields cover. Where the two compose and where they each stop.


  4. 04 · 2025·11
    explainer intermediate security developer architect

    FIDO2 and passkeys — what the assertion does and does not prove

    Challenge / response / signature. The phishing-resistance scope. What WebAuthn signs and what relying parties have to bind separately.


  5. 05 · 2025·11
    case-study entry security developer

    SafetyNet's deprecation and the migration to Play Integrity

    What SafetyNet did, why it was sunset, what migration to Play Integrity preserves, and what it leaves to the operator.


  6. 06 · 2025·12
    explainer intermediate security fraud-team

    Behavioural biometrics — observation scope and accuracy bounds

    Keystroke, gesture, and navigation analytics. Session boundaries, decay, and the false-positive bounds vendors actually publish.


  7. 07 · 2025·12
    explainer deep security architect

    Hardware-backed attestation chains — Keystore, Knox, Strongbox, Secure Enclave

    What the X.509 attestation chain proves and where it terminates. Android Keystore, Samsung Knox, StrongBox, Apple Secure Enclave compared.


external references — cited across this theme
  1. Google. Play Integrity API — Overview, verdicts and remediation, classic requests, deprecation of SafetyNet. developer.android.com/google/play/integrity
  2. Apple. Establishing your app's integrity (App Attest), DeviceCheck framework. developer.apple.com/documentation/devicecheck
  3. EMVCo. EMV Integrated Circuit Card Specifications — Books 1–4, EMV 3-D Secure 2.x, EMVCo Card-Present and Card-Not-Present specifications. emvco.com/specifications/
  4. FIDO Alliance / W3C. WebAuthn Level 2, CTAP v2.1, FIDO2 Server Requirements. w3.org/TR/webauthn-2/
  5. AOSP. Hardware-backed Keystore, Key and ID Attestation, StrongBox. source.android.com/docs/security/features/keystore
  6. NIST. SP 800-63B Digital Identity Guidelines — Authentication and Lifecycle Management. pages.nist.gov/800-63-3/sp800-63b.html