Many people owning Android mobile phones have the option of unlocking the phone’s bootloader. This allows users to install and boot their own Android installations, granting more control and freedom over the device than the stock operating system provides. However, most phones do not have the ability to relock the bootloader with a custom Android build installed, and the bootloader must be kept unlocked. This poses a major security risk, as absolutely anybody with physical access to a bootloader-unlocked phone can modify its contents, allowing the installation of malware and backdoors. The user of a bootloader-unlocked phone may not realize their device is infected until they first unlock their phone, at which point their data is decrypted and it may be too late to prevent exfiltration. This project implements a method of verifying the integrity of an Android installation before the phone boots, using a personal computer that boots a custom recovery image on the device via Fastboot. This recovery sends all user-modifiable system files to the verifier program on the PC, which compares the contents and metadata of these files against expected values and warns the user if any unauthorized modifications to the Android installation have been made.