Skip to main content

Failure in Attestation Process Detection

Definition

This configuration controls how the system handles exceptions during hardware-backed device attestation (device integrity verification).

  • When enabled, the system strictly detects and flags attestation failures as threats.
  • When disabled, certain attestation exceptions are ignored, allowing the application to continue functioning despite minor device-level inconsistencies.

Security Implications

Disabling this feature can improve user experience by reducing false positives and preventing unnecessary blocking of legitimate users. However, it may weaken security, as compromised or untrusted devices could bypass attestation checks.

Recommendation

Use this setting with caution. Disable it only in environments where user experience is a higher priority than strict security. For high-security applications, it is recommended to keep this feature enabled.