Pokémon GO’s aggressive root checking now looks for the existence of a TWRP and Titanium Backup folder
Pokémon GO was launched in 2016, and thanks to its blockbuster launch, it immensely contributed to the popularity of AR as a genre. We’re sure you’re already familiar with it, but for starters, it is pretty much a game where you can become a Pokémon Trainer yourself, go out into the real world and find Pokemon. With over 100 million installs on the Google Play Store, it has also seen a great degree of success globally, and it is a simple, yet exciting premise that’s easily accessible by anyone. Well, by anyone except for rooted/modded users, mind you. In an attempt to weed away cheaters, the game has become notoriously unfriendly for modded users, and a big part of the game’s active development goes into blocking these users and implementing better root detection methods.
The newest detection method in this list, which was first reported by Redditor fw85, involves potentially misusing filesystem access permissions to look for the existence of TWRP, which is the most popular custom recovery right now. Pokémon GO seems to be checking for the mere existence of a TWRP folder in your external storage, and if it manages to find it, then the game will lock you out. TWRP is used by many to install Magisk to get root access, which is why Niantic is blocking this in the first place. But it still seems like sort of a stretch, given how TWRP can be used to install a plethora of things that are not related to root methods. In addition, we’ve been informed the app is also looking for the presence of a Titanium Backup folder; Titanium Backup, if you haven’t heard, is the most popular root app to make complete backups of your applications.
Furthermore, according to XDA Recognized Developer Quinny899, the Pokémon GO app also manages to find the TWRP and Titanium Backup folders even if the app doesn’t have permission to read the external storage. That means you won’t be able to access Pokémon GO as long as those folders are there, even if you revoke storage permissions for the app since the game is reportedly exploiting a bug for its folder detection checks.
Game finds it without access to, albeit without using Scoped Storage either. pic.twitter.com/N6OaiEvZDO
— Kieron Quinn (@Quinny898) February 18, 2020
There could be easy ways to bypass this check, such as a TWRP build or Titanium Backup update that names the folders as something else. But it does become a game of cat and mouse at this point, as Niantic will keep adapting to check for TWRP and other custom recoveries, as well as Titanium Backup, (and who knows what else they extend this to), and developers may try to work around the latest detection. It does seem like Niantic does not intend to back off from aggressively checking for root access in Pokémon GO anytime soon. So if you really and truly care about the game, you might want to stay completely stock for the sake of your virtual pocket monsters.
Update 1 (2/18/2020 @ 12:28 PM EST): This article was updated to note that Titanium Backup is also being detected.