Geek Answers Handbook

Do we really need this check for an application in iOS 6?

Last year, this Russian hacker created a way to check in-app purchases without paying, and this guy created a class to check every purchase .

As far as I know, this method, opened by a hacker, no longer works on iOS 6, but I'm not sure about that.

I am creating a new application for iOS 6 and trying to minimize the code to a minimum and even better than in my application that hosts content with Apple, so I wonder if this added check is really necessary for my case.

remember, that

  • I am developing for iOS 6 and above;
  • My applications host content with an apple, so even if the hacker technology works, a person will never receive content hosted with an apple.

any thoughts?

thanks.

+8
ios iphone ipad in-app-purchase
source share
1 answer

The vulnerability should be fixed in iOS6, but this does not mean that you should deviate from the best methods of checking checks in general. See Verification of receipt of receipts and Confirmation of receipt of purchase in the application on iOS for more information.

As mentioned in the links above, Apple recommends that you follow their best practices for validation validation, whether on iOS 5 or iOS 6. "Code simplicity" is not enough excuse to deviate from these recommendations. If you structure your code into clearly defined classes, you can abstract the entire validation logic into your own class, making code that uses it much cleaner anyway.

If you connect to the App Store directly from the application for verification, then they explicitly indicate (see. My application performs verification by connecting to the App Store server. How can I influence it? If you implement them in an abstract way (in a category or class), then it should still keep your code clean.

Even if your content is hosted by Apple, you still provide additional protection against fraud. Apple is not perfect; they can slip away, leaving your application open.

Ultimately , when you are dealing with your own income, you better play it safely than regret it later.

0
source share

More articles:


All Articles