Protect IOS App From Lucky Patcher and other such Apps

Question

I have a successful IOS App on Appstore containing In-App purchases. Recently we noticed that some people are using Lucky Patcher or other such App to get In-App purchases without paying. During the research, I have found a few posts related to Android like this and fixed the issue in Android by Google Play Licensing.

But for IOS I am still confusing how I can fix this issue and save my App from Hackers. Can you please let me know, what can be the possible solutions?

Is there any library available in IOS as we have Privacy Checker For Android?

Thanks in Avance

No, how we can do that? can you please send any helping link? thanks. — Asad Ali Choudhry, Mar 23 '20 at 08:22
https://developer.apple.com/documentation/storekit/in-app_purchase/choosing_a_receipt_validation_technique — Paulw11, Mar 23 '20 at 08:55

score 0 · Answer 1 · answered Mar 23 '20 at 13:27

0

The general response to this is that it is a total waste of your time to try and prevent it.

Why? Most/all of the people who are pirating it won't pay even if you made pirating impossible. You can't just take the simple approach of "we have x number of pirates, that would be y more money if we stopped them from pirating"

Also making pirating impossible is in its-self impossible. The problem is that any time you add some other validation method, they can always patch that out. For example, say you do add server side receipt validation. The weak link will be the:

if serverSaysReciptIsValid { // enable feature }

All the pirate will have to do is replace that with:

if true { // enable feature }

You can do a bunch of things to make it harder for them to find that check in your code, but it will just slow them down, likely not enough to make any difference.

answered Mar 23 '20 at 13:27

jamone

17,253
17
63
98

Thanks for your response, But it's not about money, its about people who are able to use our work freely. And the other thing is, its a social & chatting App so some guys are spreading it with others that by using Lukcy patcher you can get these features free of cost. – Asad Ali Choudhry Mar 24 '20 at 10:26
1

In that case, I would do receipt validation on your server, and then store the purchase status of each app on the server. When a user tries to contact the API you should confirm if that user has purchased (based on server's data), and then accept/reject the request that way. That should make it nearly impossible for them to patch around, since all of that is server side. However if the app is talking to a 3rd party API that you don't have 100% control, then you are SOL. – jamone Mar 24 '20 at 13:48

Protect IOS App From Lucky Patcher and other such Apps

1 Answers1