[miki123211]

> This could be achieved using a USB dongle.

What stops one from selling access to that USB dongle over the internet, anonymously doing thousands of verifications per second, cardsharing[1] style?

With Google Play Integrity Protection, each such verification needs a human physically clicking buttons on the device, which makes things much harder.

[1] https://en.wikipedia.org/wiki/Card_sharing

[ulrikrasmussen]

Built-in rate limiting perhaps? What you describe is also just rate limiting, and buttons/swipes can always be faked, also on a smartphone using mechanized fingers. What do you think Play Integrity adds that cannot be done on a USB dongle?