How to Verify the Authenticity of an In-App Purchase Receipt from Apple Pay?

App & System Services StoreKit
TuanAnhIOS
TuanAnhIOS OP
Created 3d
Replies 2
Boosts 0
Views 36
Participants 2

I am an app developer, and I have implemented in-app purchases in my application. When a user completes a purchase, Apple displays a success popup. After the user taps "OK", I send the receiptData to my server to add points to their account.

However, I have encountered cases where users either exit the app before tapping "OK" or experience network issues, preventing the receipt from being sent to my server. As a result, they do not receive their points.

Later, some users send me a receipt from Apple Pay, claiming that the payment was successful. These receipts include details such as the orderId, email, and other transaction information. However, I am not certain whether the user actually completed the payment but encountered an issue, or if they are providing a fraudulent receipt.

My question: How can I verify the authenticity of these receipts? Is there an official way to check if a given Apple Pay invoice corresponds to a real in-app purchase in my app?

Any guidance or best practices would be greatly appreciated!

Replies  2
Boosts  0
Views  36
Participants  2
endecotp
endecotp OP
3d

users either exit the app before tapping "OK" or experience network issues, preventing the receipt from being sent to my server.

Don't .finish() the transaction until your server has responded to confirm it has added the points to the account.

If there's a crash or similar, you'll get the unfinished transactions again when the app next runs. So make sure your transaction processing code will process purchases at any time, not only immediately after the user has initiated a purchase in your UI.

some users send me a receipt from Apple Pay ... How can I verify the authenticity of these receipts?

There is this API:

https://developer.apple.com/documentation/appstoreserverapi/look-up-order-id

That maps from an identifier in their e.g. emailed receipt to a transaction ID, which you can use to look up their transaction history.

0
endecotp
endecotp OP
2d

What I'm aiming for here is whether App Store Connect logs the transactions that users have made, and if I can rely on that to cross-check with the user's receipt.

If I understand the question correctly, the answer is no.

1
How to Verify the Authenticity of an In-App Purchase Receipt from Apple Pay?
First post date Last post date
 
 
Q