Skip to main content

Hello,

According to the official documentation, "Deprecation and shutdown policy for mobile SDKs," after Q3 2025, backend calls to projects.assessments.create will fail.

I would like to clarify the exact expected behavior on the Android client side for the SafetyNet.verifyWithRecaptcha API call after this shutdown.

Specifically, for the following code:

SafetyNet.getClient(activity)
    .verifyWithRecaptcha(siteKey)
    .addOnSuccessListener { response ->
        // Scenario 2: Does it succeed here with an invalid token?
    }
    .addOnFailureListener { e ->
        // Scenario 1: Does it fail here directly?
    }

After the Q3 2025 deadline, which of these two scenarios should we expect?

  1. Direct Client-Side Failure: The call itself will fail, and the addOnFailureListener will be triggered immediately (e.g., with an ApiException indicating the service is unavailable).

  2. Client-Side "Success" with Invalid Token: The reCAPTCHA v2 challenge will still be presented to the user. Upon successful completion, the addOnSuccessListener will be triggered, but the token included in the response will be unverifiable by our backend (which would then fail at the projects.assessments.create step).

Understanding the precise client-side failure mode is crucial for our migration planning and ensuring a smooth transition to the Play Integrity API.

Thank you for your guidance.

The shutdown produces both client side and server side (siteverify) failures. 

The shutdown is occurring during Q3, not after. The shutdown has already begun with increasing error rates until it is fully shutdown.  Currently 1% of requests are being rejected, next week it will be 2% and so on.

 

You should migrate *immediately* to reCAPTCHA Enterprise or some other solution.

Terms & ConditionsCookie settingsAccessibility statement
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.