We would like to allow our users to activate a service on one of our servers with each app purchased from the Android Market, verifying that the user has really purchased the app.
For this purpose we are evaluating to use Google Checkout's Notification History API, which allows us to query from our server the status of a Checkout Order ID.
Now the problem is that we don't know how to obtain the Checkout Order Id from the app itself.
With the new in-app purchases API we can get Checkout Order Id for each one of the in-app purchases, but not for the app purchase.
A better solution for getting confirmation of an app purchase is by using the Market Licensing Verification Service.
The purpose of this library is to let your app confirm that the user has actually purchased the app in question.
In order to check the transaction from your external server, you can use the techniques described under the heading "Offload license validation to a trusted server" on this blog post.
In essence, it suggests that you send a copy of the license server response, contained inside the ResponseData class, along with its signature, to your online server. Your server can then verify that the user is licensed.
Since the license response is cryptographically signed, your server can check to make sure that the license response hasn’t been tampered with by using the public RSA key stored in the Android Market publisher console.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With