RaiN

Reputation: 152

Cordova In App Purchase Consumable Products

I want to ask: if I successfully bought a consumable product (example: coins), then I should add my coins to my database by ajax with the product that has been bought, right?

How can I secure the ajax if I buy it with InApp Purchase?

I mean, we can just copy the ajax and execute it with our own code without InApp Purchase, right (if we were a hacker who wants to get free coins)?

Upvotes: 0

Views: 159

Answers (1)

J. McNerney

Reputation: 626

(1) This is Cordova. In a production APP, there is no easy way for a user to copy and execute ajax. Yes, a professional hacker could de-compile your APP, and figure out how to get coins for themselves, but would their effort be worth it?

(2) The only solution I can recommend is to have your own server which verifies and saves all in-app-purchases, and have your APP synchronize with your server to verify each user's actual coin balance.

See https://alexdisler.com/2016/03/20/validating-cordova-in-app-purchases-on-ios-and-android-using-nodejs/ for an example using Cordova and NODEJS.

Personally, my server verifies that every in-app-purchase receipt is credited to one-and-only-one user. This way, even if the APP is hacked, they couldn't steal anyone else's coins.

Upvotes: 1
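
The server-side check described in the answer above, as an added example that is not part of the original answer or the linked article: the server looks up the coin amount itself and credits each store transaction to one and only one user. The product ids, the `verifyWithStore` result shape and the in-memory Maps are assumptions made for illustration; a real server would call the store's validation service and enforce uniqueness of the transaction id in its database.

```javascript
// Coin amounts live on the server; the client never sends a coin count.
const PRODUCT_COINS = new Map([['coins_100', 100], ['coins_500', 500]]); // hypothetical ids

class PurchaseLedger {
  // verifyWithStore(receipt) -> { valid, transactionId, productId }: hypothetical
  // stand-in for the real store validation call, synchronous so this runs offline.
  constructor(verifyWithStore) {
    this.verifyWithStore = verifyWithStore;
    this.claimed = new Map();  // transactionId -> userId that was credited
    this.balances = new Map(); // userId -> coin balance
  }
  balanceOf(userId) {
    return this.balances.get(userId) || 0;
  }
  reply(userId, ok, reason) {
    return { ok, reason, balance: this.balanceOf(userId) };
  }

  // Adds coins at most once per store transaction, and only for one user.
  credit(userId, receipt) {
    const result = this.verifyWithStore(receipt);
    if (!result || !result.valid) return this.reply(userId, false, 'invalid_receipt');
    const coins = PRODUCT_COINS.get(result.productId);
    if (!coins) return this.reply(userId, false, 'unknown_product');
    const owner = this.claimed.get(result.transactionId);
    if (owner !== undefined) {
      const reason = owner === userId ? 'already_credited' : 'claimed_by_other_user';
      return this.reply(userId, false, reason);
    }
    this.claimed.set(result.transactionId, userId);
    this.balances.set(userId, this.balanceOf(userId) + coins);
    return this.reply(userId, true, 'credited');
  }
}

// Constructed sample data: the only receipts this fake store recognises.
const FAKE_STORE = new Map([
  ['receipt-A', { valid: true, transactionId: 'tx-1', productId: 'coins_100' }],
  ['receipt-B', { valid: true, transactionId: 'tx-2', productId: 'coins_500' }],
]);
const fakeVerify = (receipt) => FAKE_STORE.get(receipt) || { valid: false };

function demo() {
  const ledger = new PurchaseLedger(fakeVerify);
  const calls = [['alice', 'receipt-A'], ['alice', 'receipt-A'], ['bob', 'receipt-A'],
                 ['bob', 'not-a-receipt'], ['bob', 'receipt-B']];
  return calls.map(([user, receipt]) => ledger.credit(user, receipt));
}
```

The app then reads its coin balance from the server's reply rather than adding coins locally, so repeating the ajax call or sending a receipt the store does not recognise leaves the balance unchanged.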
