The Octopus app launches "Octopus on Android" starting from version 12.0.0 which allows Android device to add the Octopus card to Google Wallet for payment (https://www.octopus.com.hk/en/consumer/mobile-payment/android-octopus/about/index.html).
They used to enforce SafetyNet/Play Integrity API but it is likely that the level is raised to MEETS_STRONG_INTEGRITY
along with the rolling out of this feature
to check whether a device has been tampered with – whether it has been rooted by a user, is running a custom ROM, or has been infected with low-level malware
(https://www.octopus.com.hk/en/consumer/customer-service/faq/wallet/security-and-privacy.html).
Relevant discussions on Hong Kong-based forums show that some users with rooted phones and tricks to spoof Play Integrity (MEETS_DEVICE_INTEGRITY
) cannot make the app work, which further hints that the app shifts to enforce MEETS_STRONG_INTEGRITY
(https://lihkg.com/thread/3677291/page/1, note the language is Chinese).
At this moment there is no way to properly use this app on a non-Google-certified OS.