The error that the guest is experiencing is occurring due to the fact that the guest is attempting to utilize the app using a rooted device. Rooted devices are not considered an acceptable device to operate Punchh apps. This is mostly due to security reasons.
The reason for the failed verification could be any of the following:
1. No device (protocol emulator script)
2. Signs of system integrity compromise, such as rooting
3. Signs of other active attacks, such as API hooking. Currently, for security, we do block rooted devices. The current method does have the potential for a few outlier situations in which a device is blocked for other security reasons, such as signs of attack through API hooking.
A rooted device may (in some cases) may allow the operator of the device to utilize the app in ways that it was not meant to function, and sometimes can lead to the abuse of the loyalty program overall.
Punchh uses "Safety Net Google Api" for device verification (Root Detection) which is most robust and efficient. Also, there is a probability that a few devices will pass the device verification test and still get the error message.
We are working to implement an even more efficient method through our next app updates, however, for security purposes, it is important to keep these blocks in place.
While not ideal, users impacted are able to access rewards through the web, or on a mobile device that is not rooted.