I use it as it's included in GrapheneOS. But highly recommend for every supported device.
Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.
It checks if your phone has been tampered with from another source. I think it's highly useful for alternative OSs and Android phones that don't have hardware security modules aka TPMs like Pixels with Titan Ms or Samsungs with KNOX or iPhones with Secure Enclave. I don't think it's working with Android 11 anymore. I tried another app called Key Attestation Demo that does the same thing on phone and it says it has no longer access to StrongBox/hardware security module. Whatever Android did, they kicked everyone out of using StrongBox starting with 11 other than OS processes lol. See screenshots.
Seems Google is enforcing a strict whitelist on what certificates can utilize StrongBox now. Almost everything is relegated to Trusted Execution Environment which is still very very secure unless you are subject to an active side channel attack. Long story short, Auditor hasn't been working for me since I updated to Android 11.
Auditor v20 released: https://github.com/GrapheneOS/Auditor/releases/tag/20 Also: As always, the latest Auditor will be bundled in the next release of GrapheneOS but you can install it now. There will be a release of GrapheneOS in the next few days. It will include a couple other Android 11...
It's also fully compatible with Android 11 as I say before. (Otherwise it wouldn't be included in GrapheneOS - now based on Android 11)