Google put in SafetyNet to make sure that Android Pay – and other banking and financial features in Android – remain secure from hacking or malicious attacks. This means that for Android Pay to work, SafetyNet will need to make sure that the firmware of the device is the approved and official version. This means no unlocked bootloaders, no custom recoveries, absolutely no root, and no custom ROMs.
For the longest time, most people have been able to bypass SafetyNet by using a tool called Magisk. In simple terms, Magisk bypasses SafetyNet on a per app basis. Still, a custom recovery is needed for Magisk to work. Up until yesterday, this was not a problem, until users suddenly started getting logged off their rooted apps by SafetyNet.
Apparently, SafetyNet has been updated – this is why you no longer are able to play Pokemon GO using Magisk on a rooted device. Pokemon GO also requires SafetyNet authentication and is usually one of the reasons why users with rooted devices use Magisk.
As of the moment, there is a workaround – but it will entail entering commands to a terminal emulator or through ADB. Check out the workaround here on this XDA thread, as we wait for Magisk to react and put out a working solution for this update.
[UPDATE] Magisk’s developer “topjohnwu” has already released a fix for this in Magisk version 13.3, where they SafetyNet update has been dealt with and normal Magisk operations can now be done. Make sure to download and flash the new version if you still want to use your mobile with root and SafetyNet.