Consider using the following integrity protection tools in addition to the Play Integrity API as part of your anti-abuse strategy.
Prevent untrustworthy devices from getting your app on Google Play
The Play Console allows you to prevent devices from getting your app on Google Play if the Play Integrity API finds those devices to be untrustworthy. You can use this setting to prevent users who would have a degraded app experience from getting your app in the first place. Note that excluding untrustworthy devices from Google Play distribution doesn't prevent a user from obtaining your app using another method such as another app store or sideloading.
You can exclude devices from Google Play based on the Play Integrity API’s responses in your Play Console. In the Release section of the left menu, go to Setup > App integrity. Select the Integrity API tab and choose a Distribution exclusion option.
Create Play Integrity API tests
You can create tests to evaluate how the Play Integrity API interacts with your app. For email addresses you specify, you can decide what integrity response they should get in your app from Google Play’s servers. This allows you to test how your app reacts to all possible responses.
You can set up a test in your Play Console. In the Release section of the left menu, go to Setup > App integrity. Select the Integrity API tab and find API testing to get started.