Am I using Hide My Applist right for this?

We understand the frustration that arises when a familiar application suddenly refuses to function on a rooted Android device. The error message “This app isn’t compatible with your device anymore” is a common roadblock for users who enjoy the freedom of custom ROMs and root access. It often signifies that an app has implemented sophisticated root detection or Play Integrity checks. In this comprehensive guide, we will delve deep into the mechanics of hiding root from specific applications, analyzing the configuration of the Hide My Applist (HMA) module, and exploring alternative strategies to ensure that essential apps like OTC Health Solutions function seamlessly. Our goal is to provide a definitive, step-by-step analysis to resolve this compatibility issue.

Understanding the Root Cause of App Incompatibility

When an application on the Google Play Store declares that it is not compatible with your device, it is rarely a hardware limitation. Instead, this message is frequently triggered by software environment checks. For users with a rooted device, the primary culprit is SafetyNet Attestation or the newer Play Integrity API. These services verify the device’s integrity, ensuring that the operating system has not been tampered with.

The Evolution from SafetyNet to Play Integrity

Historically, apps relied on SafetyNet to detect root. However, Google has transitioned to the Play Integrity API, which is significantly more robust. The Play Integrity API checks for three main things:

1. Device Integrity: Verifies the device is running a genuine, unmodified Android build.
2. Basic Integrity: Checks if the device’s software has been tampered with.
3. Strong Integrity: Confirms the device is running a Google-approved Android build with no signs of compromise.

If your device fails these checks, the application (in this case, OTC Health Solutions) will block access. The fact that your banking app works indicates that its security measures are less stringent or that it is not utilizing the strictest levels of the Play Integrity API.

The Role of Play Integrity Fork

You mentioned using Play Integrity Fork. This is a critical component of the modern root hiding toolkit. Its primary function is to modify the device’s response to the Play Integrity API queries, allowing it to pass the integrity checks. However, passing the integrity check is only half the battle. Some applications perform additional, non-standard checks to see if known root binaries or management apps are present. This is where Hide My Applist comes into play.

Deep Dive into Hide My Applist Configuration

Hide My Applist (HMA) is an LSPosed module designed to hide the presence of specific apps from other apps. It works by intercepting system calls that allow an application to list installed packages. When an app tries to check if “Magisk” or “SuperSU” is installed, HMA can report that it is not there. Based on your description, we need to analyze whether your current HMA setup is sufficient for the OTC Health Solutions app.

Analyzing Your Selected Hooks

You have checked the following targets in HMA:

• System Framework
• Google Play Protect Service
• Google Play services
• Google Play Store
• OTC Health Solutions

While this seems like a logical starting point, we believe a more granular approach is required for high-security applications.

Is “System Framework” Necessary?

The System Framework is a broad target. Hooking into it allows HMA to hide lists of installed apps from the core Android system. While powerful, this can sometimes cause instability or conflicts with other system functions. For most root hiding tasks, you may not need to check this unless the app is specifically checking the system server for root artifacts. We recommend keeping it checked for now, as the OTC Health Solutions app appears to be very aggressive.

The Google Services Suite (Play Protect, Play Services, Play Store)

These are essential hooks. The Google Play Store and Play Protect Service are the gatekeepers of app compatibility. If an app checks the device’s security status via these services, HMA must intervene here. However, there is a nuance: Google Play services is a massive suite. Sometimes, hiding root from it can break Google Pay or other dependent services. In your case, since you are specifically targeting an app that relies on the Play Store’s compatibility check, these selections are correct.

The Target App: OTC Health Solutions

Crucially, you have checked the OTC Health Solutions app itself. This is a unique feature of HMA. By checking the target app, you instruct HMA to hide the existence of root-enabling apps specifically from OTC Health Solutions. This is a vital step. The app likely scans its own environment for files like su, busybox, or directories like /data/adb. HMA attempts to virtualize the file system view for the app, making those files invisible.

Why Your Current Setup Might Be Failing

Even with these settings, you reported “no joy.” There are several reasons for this:

1. Insufficient Hiding Scope: The app might be looking for traces of root in areas HMA is not currently covering. For example, it might be checking for the presence of the Magisk Manager app by a specific package name (e.g., com.topjohnwu.magisk).
2. Magisk DenyList vs. Allowlist: You are on Magisk v27.2-kitsune, which you prefer for its whitelist approach. However, some apps do not care about the DenyList/Allowlist; they care about the state of the device. If Play Integrity is not passing perfectly, no amount of HMA configuration will help.
3. Device Fingerprints: If the device is not passing the ctsProfileMatch check in Play Integrity, the app will block installation before it even runs. HMA does not fix Play Integrity; it only hides the app list.

Optimizing the Strategy: A Step-by-Step Refinement

To successfully run OTC Health Solutions, we must ensure every layer of detection is covered. We will approach this by reinforcing the Play Integrity fix and refining the HMA configuration.

Step 1: Verifying Play Integrity Status

Before tweaking HMA further, you must confirm that your device is passing the Integrity checks. The error message “This app isn’t compatible with your device” strongly suggests a failure here.

• Check Integrity verdict: Use an app like “Play Integrity API Checker” or “Mishaal Rahman’s Integrity Checker.”
• Interpreting Results: You need a result that says “MEETS_DEVICE_INTEGRITY” and preferably “MEETS_BASIC_INTEGRITY.” If ctsProfileMatch is false, the Play Integrity Fork might need configuration updates (like adding a custom fingerprint).

If the integrity check fails, HMA cannot solve the root cause. You must fix the device fingerprint first.

Step 2: Advanced Hide My Applist Configuration

If integrity is passing, then HMA is the next focus. We need to expand the scope of what is being hidden.

Hiding the Magisk Manager

A very common check performed by banking and health apps is looking for the Magisk app (the manager). If you have not done so, you should rename the Magisk Manager app. In the Magisk app settings, there is an option to “Hide Magisk” or “Rename Magisk app.” However, HMA can also do this.

• In HMA, ensure that “System Framework” is enabled.
• Check “Google Play Store” and “Google Play Protect Service.”
• Crucially, create a template in HMA that targets OTC Health Solutions. In the “App List” tab of HMA, select OTC Health Solutions. Then, go to the “Template” tab. You need to hide specific apps from it.
• You must ensure that Magisk (the management app) is hidden. Even if you renamed it, HMA needs to block the query.

The “System Server” Hook

Many users find success by enabling the “System Server” hook in HMA (this is sometimes bundled under System Framework or a separate category depending on the version). This hooks into the ActivityManagerService to fake the list of installed apps at the system level. If your current version of HMA allows for specific System Server hooks (like getInstalledApplications or getInstalledPackages), ensure these are active for your target template.

Step 3: Cleaning Up Residual Traces

You mentioned deleting the cache and data of the Google Play Store and rebooting. This is standard procedure. However, we recommend doing this in a specific order:

1. Uninstall OTC Health Solutions (if installed).
2. Configure HMA with the refined settings (ensure all target checks are active).
3. Clear Google Play Store Cache and Data (Settings > Apps > Google Play Store > Storage).
4. Reboot.
5. Attempt to install OTC Health Solutions from the Play Store.

This sequence ensures that when the Play Store checks for compatibility, it does so under the new HMA rules.

Alternative Methods and Considerations

If the combination of Play Integrity Fork and Hide My Applist continues to fail, there are other factors and tools within the Magisk ecosystem you should consider, even if you prefer your current setup.

The Limitations of Whitelisting

You mentioned a preference for the whitelist/allowlist approach found in Kitsune Mask. This is excellent for general stability and performance. However, it requires that you manually add every app that needs root access. It does not inherently help with apps that detect root but don’t need root themselves. The detection happens regardless of the allowlist. The allowlist only determines which apps are granted root permissions, not which apps can see the root binaries.

Introducing TrickyStore (Even if you don’t have it)

You mentioned you do not have TrickyStore. It is worth noting that TrickyStore is a companion tool specifically designed to work alongside Play Integrity fixes to handle “Strong Integrity” on devices that cannot technically have it (like custom ROMs). While you prefer your current setup, if OTC Health Solutions is demanding Strong Integrity (a very high security tier), Play Integrity Fork alone might be insufficient. TrickyStore spoofs the hardware-backed keystore to satisfy this check. This is a technical detail, but it explains why some apps refuse to run even if basic integrity is met.

Managing Shamiko (If applicable)

If you are using the standard Magisk app alongside Kitsune, or if you have Shamiko installed (a popular module for hiding root while keeping the Magisk app installed), the configuration matters. Shamiko relies on the DenyList (even though it’s a hiding tool). If you are purely on a whitelist Magisk fork, Shamiko might not be compatible. You must ensure that no other conflicting modules are active.

Troubleshooting Specific Error Messages

Deciphering “Contact the Developers”

The message “Contact the developers for more info” is often a generic response from the Google Play Store when an app is explicitly excluded from the user’s device via the android:requiresSmallestWidthDp or android:maxSdkVersion manifest entries, or when the device fails CTS (Compatibility Test Suite) checks. Since you have a rooted device, it is almost certainly the latter. The developers of OTC Health Solutions have likely set a strict policy in the Play Console to block devices that do not meet specific integrity standards to protect user data.

The “Frozen” Cache Trick

Sometimes, simply clearing cache isn’t enough. The Play Store maintains a complex cache of device information.

1. Force stop the Google Play Store.
2. Clear Data (this resets the Store, requiring you to sign in again).
3. Go to Settings > Accounts and remove your Google account temporarily.
4. Reboot the device.
5. Add the Google account back.
6. Open Play Store and let it refresh the device profile.

This forces a fresh handshake with Google’s servers, allowing the new Play Integrity and HMA settings to be recognized.

Conclusion: The Path Forward

To answer your question, “Am I using Hide My Applist right?” — your initial configuration is a good foundation, but it likely needs to be more aggressive. The OTC Health Solutions app appears to be using a multi-layered detection approach.

We recommend the following specific configuration:

1. Verify Play Integrity: Ensure ctsProfileMatch is true.
2. Expand HMA Hooks: Keep System Framework, Google Play Protect Service, Google Play services, and Google Play Store checked.
3. Target Template: In HMA, ensure there is a specific profile active for OTC Health Solutions that hides the Magisk Manager app.
4. Rename Magisk: Rename your Magisk Manager app to something innocuous (like “Settings” or a random string) using the built-in Magisk feature.

If OTC Health Solutions still refuses to function, the issue may be that the app requires Strong Integrity or uses a proprietary root detection library that HMA does not currently hook. In such a case, you might need to look into more advanced modules like TrickyStore to satisfy the Strong Integrity requirement, though that moves away from your preferred simple whitelist setup. However, based on the information provided, refining the HMA configuration to specifically hide the Magisk app from the target app and ensuring your Play Integrity status is perfect is the most promising solution.