SuperSu has been out since years, and Magisk is new as compared it SuperSu. Now both will get your device rooted. but each has a different way of working.
SuperSu
roots the device by completely changing some system files and even adding files to the system partition, this disables all sorts of security checks like SafetyNet Status and Forced Encryptions, due to which banking applications and apps like Android Pay and Netflix won’t work on your device.
Magisk
on the other hand has got you covered on all the cons that SupeSu has. It just modifies the boot image to magisk image (boot.img to magisk.img ) and does not add any extra files to the system and partition. This is called systemless root.This not only helps in preserving SafetyNet Status but also forced encryption can be enforced using the Magisk Manager application. Magisk also has an option to hide root from specific applications so you can use banking, Netflix and other apps even on a rooted device. Okay, we understand those were too many technical terms in a barrage. Let me explain. Starting off with System partitions, your Android device’s internal storage is divided or in better words partitioned into different parts like
/boot /system /recovery /sdcard /misc /cache etc.
Each partition has its own role, and it’s pretty self-explanatory. Like the /boot partition contains the ramdisk and kernel without the device would not boot at all. The recovery partition has the space for the device have its own or advanced recovery. the system recovery contains the Operating System itself. Modifying the partition, which is done by SuperSu causes the SafetyNet Check to fail. What is SafetyNet?
SafetyNet API
is designed to check whether a device has been tampered with–whether it’s been rooted by a user, is running a custom ROM, or has been infected with low-level malware, for example. Devices that ship with Google’s Play Store and other apps installed must pass Google’s Android “Compatibility Test Suite”. Rooting a device or installing a custom ROM prevents a device from being “CTS Compatible”. This is how the SafetyNet API can tell if you are rooted, it merely checks for CTS compatibility. Similarly, if you get an Android device that never came with Google’s apps like those cheap unbranded Chinese devices, they will not be considered as CTS compatible even though you did not try to root your device. To get this information, Google Play Services downloads a program named “snet” and runs it in the background on your device. The program collects data from your device and sends it to Google regularly. Google uses this information for a variety of purposes, from getting a picture of the wider Android ecosystem to determining whether or not your device’s software has been tampered with. Google doesn’t explain exactly what snet is looking for, but it’s likely snet checks if your system partition has been modified from the factory state. in short, causing the SafetyNet API to fail means breach of Google’s Security norms so you will be restricted from using some apps that check for SafetyNet Status. Now here’s where Magisk has the biggest advantage. Remember we had told you Magick does not modify the system and has a systemless root? This means that with Magisk you can preserve SafetyNet status and still be able to use apps that check for SafetyNet Status. Although SuperSu has updated itself over the time and has the option to hide root from specific apps, still SafetyNet is a big question mark for SuperSu as it still modifies the system for rooting. So now you probably know why we recommend Magisk over SuperSu.
Advantages of Magisk over SuperSu
Also, Magisk has it’s library of modules that are maintained by our cool developers, these modules are similar to Xposed Modules, however, Magisk modules are not backward compatible with Xposed modules, which means that you cannot xposed modules in magisk. And if you really need any Xposed Module badly, Magisk’s library has developed so much that you will find a similar module in Magisk which does the same job. Now you should not use an Xposed framework with Magisk. Why do you ask me? Well, the whole point of Magisk was to prevent system modification and preserve SafetyNet Status, and Xposed Framework modifies the system, hence failing the SafetyNet Status checks. Well, Google has been good at updating the SafetyNet API and it has even blocked the usage even after systemless root. But our developers at Magisk are too always working to update Magisk and to pass SafetyNet after systemless roots. It’s a cat-and-mouse chase between the two!