Failure in Attestation Process Detection
Definition
This configuration controls how the system handles exceptions during hardware-backed device attestation (device integrity verification).
- When enabled, the system strictly detects and flags attestation failures as threats.
- When disabled, certain attestation exceptions are ignored, allowing the application to continue functioning despite minor device-level inconsistencies.
Security Implications
Disabling this feature can improve user experience by reducing false positives and preventing unnecessary blocking of legitimate users. However, it may weaken security, as compromised or untrusted devices could bypass attestation checks.
Recommendation
Use this setting with caution. Disable it only in environments where user experience is a higher priority than strict security. For high-security applications, it is recommended to keep this feature enabled.