Hi,
Our team is currently developing subscriptions support.
We are currently worried about two potential fraud scenarios:
- Users that share Apple ID, indefinitely.
We foresee that some companies that use our app, may be inclined to share the apple id to install and share our app with the one subscription purchased on the shared Apple ID? The device will use the shared Apple ID indefinitely.
Is there anything that Apple does to prevent this on their end? Is it possible for the developer to do anything in order to prevent this?
Is this a legitimate concern?
- Users share Apple ID, initially.
We foresee that some companies, may be inclined to share the apple id to install and share our app with the one subscription purchased on the shared Apple ID? The device will use the shared Apple ID only at the time of purchase (after that the user will sign in with their own Apple ID).
Here we had an idea to restore purchases on each app start, but the official guideline (https://developer.apple.com/documentation/storekit/original_api_for_in-app_purchase/restoring_purchased_products) is not to do that.
Our app does not track logins by itself. We noticed that popular and successful apps like Calm or Toca Boca World, are vulnerable to this type of fraud, and we are wondering whether this is just something Apple does not worry about?
We realize that both of these fraud cases present certain difficulties for the user in the way they use their ios device on a daily basis. Is that the deterrent from this type of fraud?
What do you think? What are the best practices? Are these legitimate concerns?