- Samsung looks worst than any other vendors (incl. Huawei) about permissions granted to pre-installed apps
- Apps probably set many hidden cookies and identifiers in logs, possibly share information with other apps and bypassing permissions ?
Quick note :
- figure 1 is not much readable
- figure 3 looks broken or misaligned
Before this was a thing I used a custom ROM on every device, but now it's quite difficult.
As a rule of a thumb if you install pure lineageOS+openGAPPS+fdroidPriviligedExtension you will have a working safetyNet. That means no root module (but you can get root by enabling adb if you really want it, e.g. for GSAM battery monitor I give it the battery stats permission from adb). With this setup my phone has google pay working.