I know that running an app which possess sensitive information on a rooted device is not secure at all. So developers usually do root detection in such cases and if the device is found rooted,then that app won't get installed. everything is ok.
The major techniques used by developers in root detection are checking for the superuser.apk file,check for chainfire,busybox,executing su command,etc. But an attacker can simply bypass these checks by several means like renaming the superuser.apk to superuser0.apk.
So what I am looking for is a unique solution for this issue where the root detection checks cannot be bypassed by attacker. Please share your views even if such a solution doesn't exists. Because the solutions from you guys might help in atleast hardening the code of root detection.
There is not "the single solution" as far as I know but you will need to check for the most common things. The following article is also useful: https://blog.netspi.com/android-root-detection-techniques/
And here are some tips ... also what you should not do: Determine if running on a rooted device