Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

iCloud makes it possible for users to "steal" In-App Consumables

In my app, users purchase consumables, let's say suitcases, that are stored in Core Data. When the user first installs the app, I give them a freebie to get started. The app can't function without at least one suitcase set up.

But if the user installs the app on their iPhone and then their iPad and syncs the two, they now have 2 suitcases. And if they uninstall the app on either device, then reinstall and sync it, they've just gained an extra one and they can do that indefinitely.

I can see two solutions, but none of them seem right:

  1. Add a value to NSUbiquityKeyValueStore when the user first syncs with iCloud. Check this value on first launch. If it's nil, create the freebie, if it's not, sync data. But this creates a problem. What if the user disables iCloud or has no internet connection on first launch. The app would create the freebie, then when iCloud is available, sync the duplicate, and they could do this as many times as they like.

  2. Somehow match the default items on each app. I had the idea of matching objectIDs or timestamps, but these would vary and I'm not sure how to handle it.

Does anyone know anything I could do about this?

EDIT:

Using a prepackaged database plus migratePersistentStore:toURL:options:withType:error: seems to be the way to go. Will post an answer with code if it works for me.

like image 209
nathan Avatar asked Oct 16 '11 06:10

nathan


2 Answers

If you're not validating receipts and keeping track of what consumables users own on your own servers you're doing it wrong. You're basically trusting the user to be decent and honest, which is generally always a bad idea.

When you use in-app consumables you should be keeping a log on a sever somewhere of what your users has purchased. That way, every time your app starts up it can verify with the server that the expected number of consumable goods are present.

like image 86
lxt Avatar answered Nov 07 '22 21:11

lxt


Use of iCloud implies network connectivity. As soon as a device connects to the network, you can validate receipts and log consumption of a consumable on your own servers.

like image 21
hotpaw2 Avatar answered Nov 07 '22 21:11

hotpaw2