I developed a Flutter app, and in my main.dart, I added logic to detect and block:

Rooted devices

Developer options enabled

Emulator devices

If any of these are detected, the app prevents access (e.g., it won't run or shows a block screen).

After uploading the app to the Play Store and submitting it for review, it got rejected with this error message: "Username or password you provided didn't work"

I suspect this is because the Play Store reviewers may be testing the app in an emulator or on a rooted/test device, which my app is blocking.

My Questions: Is blocking emulators, rooted devices, or developer options a valid reason for Google to reject the app?

If I need to block these for security reasons, what is the best way to implement it so it doesn't interfere with the Play Store review process?

Is there a way to allow certain test environments (e.g., Google Play review) to bypass these checks safely?

Some apps (like banking apps) don't run on emulators or rooted devices, so I'm wondering how they handle this.

Any guidance or best practices would be really helpful!