Detecting user(apple ID) change for IAP

Question

Created Jul ’18

Replies 4

Boosts 0

Views 6.3k

Participants 3

I'd like to find out if there is a way to detect if the user has changed since the last time my app has run on iOS. I understand that exposing the apple ID would violate privacy, but is there any user-specific ID or other information I can leverage to achieve this? Even just being able to see when the current apple ID logged in would be enough.

I am developing an iOS app that is free to download but has one non-consumable product representing a full version unlock, meaning once they purchase, all features of the app are unlocked. Once a user has purchased this product, I store a flag in the app's data indicating this and I don't initialize purchasing after this flag is set. This allows users to use the unlocked content while offline and it also means my app doesn't require them to enter their password every time they use it.

What I notice is that if I log in with user A and purchase the unlock, then log out and log in with user B, the content remains unlocked. If I could detect user change, I could relock the content and restore purchases to see if the new user has indeed purchased the content.

To handle this case without user change detection, either I need to restore purchases every time the app starts (which makes using my app annoying for some users), or leave the app vulnerable to this kind of piracy. Someone could purchase an unlock, then log in/restore purchases/log out on all their friends' phones and transfer the unlocked content to them.

I understand it seems a bit far-fetched, but if the right person (someone with a blog perhaps) discovered a vulnerability like this, then it could be a real issue. People like to steal things on the internet and go to great lengths to hack and pirate. If it isn't difficult to handle, I'd like to handle it in my app, however unlikely. With the scale of the online marketplace, seems like we'd want to shore up any vulnerabilities we can find before they are problematic.

Boost

Answer 1

PBK OP

Jul ’18

First off, the thefts you are fearing are not 'loss of sales' because few thieves will actually make a real purchase. So what are you really losing?

But.....

There are levels of complexity here. There are two accounts with similar or different Ids - iTunes/App Store Id and the Apple Id. Most iPhones are strongly linked (through Find My iPhone, iCloud data backups, notifications, etc.) to their Apple Id and users will not freely share their Apple Id nor change the Apple Id their device is logged into. It is, unfortunately, straightforward to change (and share) your iTunes/App Store log in.

So, you can use the user's iCloud Account key-value file (tied to their logged-in Apple ID) to write something at the time of first purchase and thereby record the purchase in only one key-value file - hence only one Apple Id can use the IAP. Any attempt to use the purchase could require having access to that key-value file and therefore require being logged into that Apple Id under which the purchase was originally made. Remember, the Apple Id is not the same as the iTunes/App Store Account. You also need to prevent crediting additional Apple Ids with restoreCompletedTransactions and with a second (third, fourth...) purchase of the same IAP (which would be for free). It is easy to separate a restore from a purchase in updatedTranscations and in fact once you have this system in place you can do your own restore and not implement restoreCompletedTransactions. I do not recall how you differentiate a second 'repeat-purchase-for-free' from the original purchase event - but there is some indelible marker that differentiates the two, perhaps it's the original_transaction_id being different from the transaction_id in a repeat purchase. You need to do this to prevent a 'friend' from logging into the iTunes/App Store account, making a second 'repeat-purchase-for-free' and crediting a second key-value file in iCloud.

Good luck!

0

Answer 2

AnsarAdimu OP

Feb ’20

If I want to write to the user's iCloud, the user will have to grant access for iCloud, right? Is that fine? Why should the users give permission to access their iCloud?

I have asked a similar question in StackOverFlow. (Link: https://apple.stackexchange.com/questions/381206/subscription-management-with-itunes-id-restrict-the-user-from-creating-multiple)

0

Answer 3

PBK OP

Feb ’20

1) I do not think the iCloud key-value file requires user permission.

https://developer.apple.com/library/archive/documentation/General/Conceptual/iCloudDesignGuide/Chapters/DesigningForKey-ValueDataIniCloud.html#//apple_ref/doc/uid/TP40012094-CH7-SW1

2) Why should the users give permission to access their iCloud?

Because they want to purchase the IAP.

3) Perhaps all you need is that token that identifies the user's Apple ID. Again, the Apple ID differs from the App STore ID. Using someone else's App Store ID is like using someone else's pen that they used earlier in the day - it can be done. Using someone else's Apple ID is like using someone else's underwear that they used earlier in the day - it can be done.

0

Answer 4

AnsarAdimu OP

Feb ’20

Understood. So, the issue can't be solved by writing a key-value pair to the users iCloud account. Because iCloud account is associated with Apple ID where the purchase details (Subscription info) will be associated with App Store ID. The user can change the Apple Store ID and can try a purchase. If that App Store ID doesn't have a subscription purchased, I should allow them to purchase, right? But if I look after the iCloud key-value pair, I won't be able to allow them because there exists a key-value pair in the iCloud which represents a purchase from another App Store ID.

0