We have recently noted an increase in mobile devices having a compromised state, due to failing the SafetyNet attestation. Has anyone experienced this and how reliable is this check?
To the first part, no, I haven't seen an unusual uptick. To the second part, I recall a couple of years ago, an OTA android update caused some issues. Keep in mind that it is whitelist design, so false positives are almost inevitable. I could see a scenario where if a phone hasn't been updated or perhaps the manufacturer gone out of business, it might fail simply because SafetyNet doesn't have a matching signature for the system anymore. Another false positive could be if the device has an unlocked bootloader. Several phones ship with that capability and if a user doesn't know what they are doing, they may have unlocked the bootloader. The other thing to check on too is people are now buying phones on secondary markets (e.g. eBay) since they are so expensive. Folks may be buying unlocked or rooted phones without knowing it.