0

I have an app I'm developing which relies heavily on users being able to purchase content which will be downloaded from a server. As the app nears completion I'm becoming more concerned about my current distribution model, which is simply that when the user purchases an item the app then generates the correct URL and downloads the data (e.g., from www.website.com/content/music.mp3).

I have some simple web development experience, but I'm not aware of any authenticating process to ensure that only my iphone app has access to this content. In other words, as soon as somebody detects the outgoing URL request, they could get my content for free. Is there anything I can do to prevent, deter or even strongly discourage this?

jakev
  • 2,815
  • 3
  • 26
  • 39

1 Answers1

0

Send the receipt to your server, verify the receipt and create a one-time-url for the file.

Matthias Bauch
  • 89,811
  • 20
  • 225
  • 247
  • That makes sense. What besides JSON will I need to research to equip my server to process the receipt? – jakev Apr 09 '11 at 23:06
  • For processing you don't need more. You send it to an apple server and they tell you if it's valid. – Matthias Bauch Apr 09 '11 at 23:14
  • Follow-up: here is a link on the PHP code one might write to submit the receipt to the apple store. This helped me (no PHP experience at all) a great deal, maybe it will help others: http://www.phpriot.com/articles/verifying-app-store-receipts-php-curl – jakev Apr 09 '11 at 23:32
  • Also this question has a great answer with excellent code: http://stackoverflow.com/questions/1298998/verify-receipt-for-in-app-purchase – jakev Apr 10 '11 at 04:29