How to guarantee that user won't be able to makeup transaction_id to call new api

App & System Services StoreKit
daydaylw3 OP
Created Aug ’23
Replies 3
Boosts 0
Views 506
Participants 2

If my user purchase and get transaction_id: 2000000395609292, and then another user just makeup a same transaction_id to call the App Store Server API

If in the old way, the receipt seems impossiable to makeup, how about now? Is that equally safe as before?

Or is there any way to protect transaction_id.

I am not that good at security, so please forgive me about missing any point. o(╥﹏╥)o

Looking forward to your response, sincerely!! :)

Replies  3
Boosts  0
Views  506
Participants  2
Claude31 OP
Aug ’23

How is this transaction ID generated ?

.

another user just makeup a same transaction_id

AFAIK it should be unique. So how could it be ?

0
daydaylw3 OP
Aug ’23

I mean it just number, I can guess a random number. Is that possible?

0
Claude31 OP
Aug ’23

If in the old way, the receipt seems impossiable to makeup, how about now? Is that equally safe as before?

Which old way do you mean ? What is the new way ?

Where is the ID generated ?

0
How to guarantee that user won't be able to makeup transaction_id to call new api
First post date Last post date
 
 
Q