It is very common to happen during the migration period. The token generated by the new reCAPTCHA Enterprise Android SDK is designed to be backward-compatible with the legacy https://www.google.com/recaptcha/api/siteverify endpoint.

It allows to update client-side applications first without immediately breaking the existing backend verification logic.

Furthermore, the old siteverify endpoint only provides a basic boolean success response. You are missing the key benefit of reCAPTCHA Enterprise: the risk score. To get the detailed risk analysis and score (e.g., assessment.riskAnalysis.score), you must complete the migration and have your backend call the new assessment endpoint https://recaptchaenterprise.googleapis.com/v1/projects/{project}/assessments

You must proceed with migrating your backend. Because legacy endpoint will be shut down according to the deprecation policy, and your verification will stop working at that point. Let me know in comments if you face same issue, I will guide you further