0

Possible Duplicate:
Secure way to unlock full version via In-App Purchase

What is the recommended way to protect content which has been downloaded following an in-app purchase from being copied to another device? The typical process seems to be copy the content to the 'Application Support' folder and set a flag in the NSUserDefaults. Both of these could be updated by someone accessing the iOS device via Finder or similar. If I store the transaction receipt, that could also be copied across.

I can potentially use the restoreTransactions functionality to validate when the device is online, but that requires the user to enter their password, so it isn't a silent background check and obviously wouldn't work if the device is offline.

I'm tempted to use a device ID to tie the content to the device when it is downloaded, but Apple advise against using this.

Am I missing something?

Community
  • 1
  • 1
user1983594
  • 1

1 Answers1

0

As you mentioned saving it the state in the NSUserDefaults is easily edited, but save the state in the KeyChain makes it harder for the user to change the flag state for a download.

I save all my IAP download state in the KeyChain, there by make sure that you can't just set the key to true in NSUserDefaults.

In a game we developed we also check server side if the user has bought the game item (also including the recept checking).

In a reader we made the PDF is password protected, via a sort of random code based on the name plus some secret stuff ;)

My guesses are that this should make you are less easy to crack, just keep in mind that you can't also keep a head of the crackers. But you can definitely slow them down.

rckoenes
  • 69,092
  • 8
  • 134
  • 166