1

We're launching an app that is selling the service through inapp purchases. Currently we asessing a risk of Jailbroken devices.

Is it possible that a user with a jailbroken iphone simulates an inapp purchase without paying for it?

Kevin Reid
  • 37,492
  • 13
  • 80
  • 108
Lenko
  • 13
  • 1
  • 3

2 Answers2

3

yes, it is possible that some app can simulates an inapp purchase without paying for it.

To prevent this, you should check the IAP transaction and receipt from app store. You can reference Verifying Store Receipts from the Apple In-App Purchase Programming Guide.

Hanon
  • 3,917
  • 2
  • 25
  • 29
  • Thanks Hanon, is it possible to control this programatically? – Lenko Jan 30 '12 at 08:50
  • Yes you can, i updated my answer. You can go to the link and see it. FYI, I test my app (with IAP) before with a jb device and the cracker app. Then I log both non-jb and jb device transaction to see the differences. And find that you can do something in your code to prevent the crack. – Hanon Jan 30 '12 at 08:56
1

it is possible and there are system tweaks for jailbroken ios devices that do exactly what you're talking about, take a look here: http://www.youtube.com/watch?v=u3cmwwjISAo

this is of course pretty illegal i believe.

Jorge Cohen
  • 1,512
  • 10
  • 34
  • Thanks for the video:( It is too bad that it is possible, however I guess there should be some option from apple to control the real transaction.. Any ideas? – Lenko Jan 30 '12 at 08:49
  • Look over here, might have an answer: http://stackoverflow.com/questions/7465713/how-to-prevent-iap-cracker – Jorge Cohen Jan 30 '12 at 08:53