Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

iCloud makes it possible for users to "steal" In-App Consumables

Tags:

objective-c

iphone

in-app-purchase

icloud

In my app, users purchase consumables, let's say suitcases, that are stored in Core Data. When the user first installs the app, I give them a freebie to get started. The app can't function without at least one suitcase set up.

But if the user installs the app on their iPhone and then their iPad and syncs the two, they now have 2 suitcases. And if they uninstall the app on either device, then reinstall and sync it, they've just gained an extra one and they can do that indefinitely.

I can see two solutions, but none of them seem right:

  1. Add a value to NSUbiquityKeyValueStore when the user first syncs with iCloud. Check this value on first launch. If it's nil, create the freebie, if it's not, sync data. But this creates a problem. What if the user disables iCloud or has no internet connection on first launch. The app would create the freebie, then when iCloud is available, sync the duplicate, and they could do this as many times as they like.

  2. Somehow match the default items on each app. I had the idea of matching objectIDs or timestamps, but these would vary and I'm not sure how to handle it.

Does anyone know anything I could do about this?

EDIT:

Using a prepackaged database plus migratePersistentStore:toURL:options:withType:error: seems to be the way to go. Will post an answer with code if it works for me.

like image 209
nathan Avatar asked Oct 16 '11 06:10

nathan

2 Answers

If you're not validating receipts and keeping track of what consumables users own on your own servers you're doing it wrong. You're basically trusting the user to be decent and honest, which is generally always a bad idea.

When you use in-app consumables you should be keeping a log on a sever somewhere of what your users has purchased. That way, every time your app starts up it can verify with the server that the expected number of consumable goods are present.

like image 86
lxt Avatar answered Nov 07 '22 21:11

lxt

Use of iCloud implies network connectivity. As soon as a device connects to the network, you can validate receipts and log consumption of a consumable on your own servers.

like image 21
hotpaw2 Avatar answered Nov 07 '22 21:11

hotpaw2
Sign in to Comment

Related questions

How can I add "load more" option to table view
Reachability causes crash after no network situation -- how to properly use Reachability asynchronously
What could cause mergeChangesFromContextDidSaveNotification not to merge/invalidate objects that have been updated?
send push notifications to iphone from python
How do I "connect" a table view to a view controller
How to Handle SIGKILL,SIGABRT, Signal-0 exceptions through Exception Handling in iPhone programming
adding products in itunes connect
sandbox leaderboard empty
facebook post to wall dialog is empty
Permutations/Anagrams in Objective-C -- I am missing something
Scale UIView without scaling subviews
How to uncompress a gzip file and write that out to an uncompressed file, on iPhone
Rotating a UIAlertView
Add In-app Purchase Item after app available on App store without updating app
Adding Core Data to iPhone app with existing (plain) models
iOS UIBezierAnimation curves, howto to create some sort of arc?
"Prerendered Icon Flag: true" in submitted iPhone app binary details, but icon shown with glossy effect in store [closed]
Are scheduled UILocalNotifications part of iOS device backup?
Core data bug refers to nonexistent core data attribute of reflexive many-to-many relationship
How to identify user across devices on iOS?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!