For those who had issues with Xposed like me, you can temporarily disable Riru module from magisk and restart.
Alternatively: you can go full crazy and decompile the apk.
Won’t go in depth into all steps, as it’s nearly 1hr of messing around.
However, root chekcing happens at the SplashScreenActivity
invoke-virtual {p1}, Lcom/mpesa/splash/viewmodel/SplashViewModel;->checkDeviceIsSecure()Landroidx/lifecycle/LiveData;
move-result-object p1
#insert fake check
const/4 v7, 0x1
invoke-static {v7}, Ljava/lang/Boolean;->valueOf(Z)Ljava/lang/Boolean;
move-result-object v7
invoke-virtual {p1, v7}, Landroidx/lifecycle/LiveData;->setValue(Ljava/lang/Object;)V
#end fake check
This specific one is for MPESA - early access app.
const/4 v7, 0x1 is setting forcefully setting the test “checkDeviceSecure” as true 0x1
For a more in-depth guide on what all this means, see
also for obvious security and legal reasons I can’t post the modded apk here.