How GPS spoofing works, and why apps detect it
How location, software fake-GPS and the mock-location flag actually work, and why an authentic RF signal produces a genuine fix that leaves no mock marker.
“GPS spoofing” gets used for two completely different things, and the difference is the whole story of why some methods get you caught and others don’t. One injects a fake coordinate in software; the other broadcasts a real signal. This is how each works, and what apps actually check.
How your phone knows where it is
A GNSS receiver (GPS, plus its siblings Galileo, GLONASS and BeiDou) listens for faint radio signals from satellites overhead. Each satellite broadcasts the time it sent its message; the receiver measures how long each took to arrive, turns that into a distance, and solves for the one point on Earth consistent with all of them. That solved point is your fix. Everything location-aware on your phone (maps, geofences, “nearby,” games) is built on it.
Software fake-GPS: injecting a coordinate
A fake-GPS app doesn’t touch the radio. It uses the operating system’s developer hook to hand the system a coordinate and say “report this instead.” It’s easy and free, and it leaves a fingerprint. On Android, any location produced this way carries the isFromMockProvider flag, and enabling it needs Developer Options and the “mock location” setting. On iOS, Apple bans these apps outright, so the software route needs a computer, a jailbreak, or a sideloaded app on a short-lived certificate.
Why apps catch it
Detection is mostly cheap because the software route is loud:
- The mock flag. One line reads
isFromMockProvider; a flagged fix is discarded. This alone catches the large majority of casual spoofers. - Integrity attestation. Play Integrity (Android) and jailbreak/developer-mode checks (iOS) notice the modified environment the software route needs.
- Cross-checks. A hardened app can compare your GPS fix against your network IP, the Wi-Fi and cell towers your phone can see, and your motion sensors, then flag a GPS position that disagrees with all of them, or that jumps faster than a human can travel.
RF simulation: a real signal, a genuine fix
AnyLocate works one layer lower. Instead of injecting a coordinate, it broadcasts an authentic satellite signal into the device’s own receiver, which locks on and computes the fix the normal way. At the mock-location layer the result is indistinguishable from a real position: there is no injected coordinate, so there is no isFromMockProvider flag, no mock-location setting, no root or jailbreak, nothing the common detectors are built to find. The position lands on real roads and updates smoothly because the receiver produced it itself.
VPN ≠ GPS
A frequent dead end: a VPN changes your IP address, not your GPS fix. Snap Map, Pokémon GO and most map features ignore IP and read the satellite position, so a VPN moves nothing on the map. Moving your map location means moving the fix, which is the GPS layer, not the network.
Where it stops
Being honest about the boundary is the point. Controlling the satellite signal sets everything derived from the GPS fix. It does not change your network IP, your account or billing region, the Wi-Fi and cell environment your phone senses, or your motion sensors, so anything gated on those (region locks tied to your login, IP checks, fused Wi-Fi location, step-counter cross-checks) is a separate matter. The satellite layer is the one AnyLocate controls, cleanly and completely; it doesn’t claim the others.