( SPEAKER )
Kartik Agrawal
Driving Android security, performance, and developer velocity at scale
( SESSION )
Catching Ghosts: How Play Integrity Stops Devices That Don't Exist
At Cash App, our Play Integrity-based device attestation platform prevents roughly $150,000 in fraudulent reimbursements every week. It blocks ~2% of daily account sign-ups and triggers 13% of all login blocks. Building it took multiple years, hard tradeoffs, and a long list of bugs that taught us how attestation actually works under the hood.
This talk is the practical guide I wish I'd had when we started.
In May 2025, Google quietly changed the rules: Play Integrity verdicts now require hardware-backed signals by default on Android 13+. For most teams, this changes which devices pass, which fail, and how you should think about enforcement. If your mental model of attestation is still rooted in 2023, this session is for you.
We'll cover the full picture. The Classic vs. Standard request decision, and why most teams pick wrong. How to build retry and backoff logic that holds at 98% token success without blowing through your daily quota. How the client and server roles actually fit together, and the specific places where the documentation glosses over what production demands. How to design tiered enforcement that catches abuse without locking out the user whose only mistake was rooting their phone.
And the war stories. The bug that taught us nonces are not what we thought they were. The week the migration almost shipped with a silent regression. The dashboard moment when we realized 13% of login blocks were now flowing through our system, and what that meant for the engineers on call.
After this talk, you'll be able to:
- Choose between Classic and Standard attestation deliberately, based on your actual use case
- Design retry and backoff logic that survives real production conditions
- Build a tiered enforcement strategy that combines Play Integrity with backend signals, without driving false positives through the roof
- Reason clearly about the post-May-2025 hardware-backed attestation landscape and what it means for your app
A 40-minute session for intermediate-to-advanced Android engineers building security-sensitive features. Heavy on real-world implementation, light on documentation regurgitation.