I have an app with 1 non-consumable in-app purchase to unlock extra functionalities. I implemented in-app purchased and it working in my sandbox environment. My question is, do I need receipt validation? It is mandatory or optional? Would my app be rejected if there's no receipt validation?
Asked
Active
Viewed 758 times
1 Answers
1
Apple has no way to detect if you have done receipt validation. Eg, with iOS7 and later, receipt validation can be done purely on the device. Validation is for your use to help assure you that the purchase is valid. If you don't care if the purchase is fraudulent or otherwise invalid, then don't do it.
Chris Prince
- 7,288
- 2
- 48
- 66
-
Just to augment this, if you plan on doing anything serious with IAP, you'll need to write/find receipt validation at some point. If you're not under some sort of deadline (and I can imagine few cases where a deadline would be more important than securing something that you're offering for real money), take the time to suss it out now in the simple 1-item case and at least get familiar with it before you get more complicated scenarios. – Brad Brighton Feb 09 '15 at 04:11
-
For a one-hit wonder or typical enterprise app, what is the likelihood of this fraud existing or of a concerning scale? Wouldn't someone have to have a jailbroken & cracked app? I'm just wondering if we are protecting against one lone hacker and his mates or a fundamental widespread, global fraud. – GilesDMiddleton Apr 25 '15 at 09:22
-
This is a tradeoff question about risk and potential loss, and the cost of protection. It would be interesting to know statistics about such fraud. At the end of day, what will it cost you now, or in the future to be vulnerable to such fraud? My personal tendency is to take all reasonable steps for protection, and then don't worry until a problem arises. – Chris Prince Apr 25 '15 at 14:57