This is becoming a common refrain, but Magisk has been updated to bypass SafetyNet, again. Just a few days ago Magisk developer topjohnwu told us that he was hard at work on a fix. While he wasn't able to provide a firm date at the time, he may have over delivered on his promise of "soon." The latest update, v13.3, escapes SafetyNet detection. Your Magisk Manager app should prompt you for an update sometime soon.
If you haven't been following, in the past few weeks Google has been hard at work trying to detect SafetyNet circumvention through Magisk. Google rolled out two new detection methods for the application in as many weeks. But, topjohnwu says, "there is still a long way till I run out of ideas."
You can download the latest version over at the dedicated XDA thread for releases, but I was able to update all my devices quickly via Magisk Manager. Just open the app, wait for it to search for updates, install the Magisk Manager apk update that should appear in your notifications, re-open the app, and then tap "Download & Install" to pull down the latest zip. You don't have to do things in that order, but if you do, you'll see a snazzy new verbose output during the installation process. And, once you reboot, you'll be ready to tap, pay, and Poké to your heart's content.
The latest update was able to work around Google's new detection method by resetting the props Google was using to detect Magisk via the new aptly-named "resetprop." Basically, it's an extension of the workaround found previously by XDA user [email protected], but now it persists after reboots. Magisk Manager was also massively rewritten (as shown above) with a flashy new verbose installation screen.
The seemingly endless game of cat and mouse between Google and Magisk hasn't ended yet, but Google isn't resting. I wouldn't be surprised to see another update made to SafetyNet soon with a new method of detecting Magisk. Thankfully, topjohnwu is around to keep things interesting. At least in the meantime, users who choose to root, or who need Magisk just to pass SafetyNet on a custom ROM, can do so without repercussions.