Google said the inspiration for the original Web Integrity project was Android's Play Integrity API, which already scans your phone for root privileges and denies access to things
That is just standard and a completely sensible security measure for preventing people from tampering with an application. It cannot replace proper, server-side security measures but is a big step. Especially for stuff like banking applications.
The problem with root is that banking applications and many others straight up actively try to detect it and refuse to work if you are rooted. Android is in the process of being completely locked down.
Last si rooted there were also workarounds, but they didn't always work, relying on the workarounds being updated to fight ever more advanced detection methods. It was a cat and mouse chase.
What's the workaround for apps detecting usb debuging or other user apps on your device? I'm not rooted, but use shizuku and WiFi adb for certain features on my android.