Kyle Alexander Buan

Reputation: 181

How do I prevent activation of in-app subscriptions when a user logs in with a different account?

I am developing an Android/iOS application that uses Ionic and In App Purchase 2 to allow users to purchase a monthly or yearly subscription. This subscription is then tied to their account (which they register from the application) using the purchase token, together with the expiration date.

The problem I am facing is that, when user A purchases a subscription with phone A, the Google / Apple account associated with phone A and user A are both associated with the purchase. When user A logs out and user B logs in on the app with the same phone, user B has not yet purchased a subscription, but when they try to purchase, In App Purchase 2 sets the status automatically to Approved / Owned, since the Google / Apple account associated with phone A has already purchased the subscription. This fools the app into thinking that user B has also purchased the subscription, so it activates the subscription for user B.

How do I prevent multiple users from logging into the app and re-using the subscription associated with the Google / Apple account? I would be very thankful for any hints or tips regarding this.

This might be a confusing question, and I apologize if that is the case.

I would be grateful for any assistance. Thank you in advance!

Upvotes: 2

Views: 926

Answers (3)

Hanrui

Reputation: 256

With the native Play Billing Library 2.2+, you're able to tie the obfuscated app account ID to the purchase by calling setObfuscatedAccountId (and setObfuscatedProfileId if necessary) when launching the purchase flow. So your backend and app will both be able to identify which app account a purchase is bound to. But to leverage this feature, you might need to code it yourself, since I didn't see that In App Purchase 2 has that functionality.

Upvotes: 1

enc_life

Reputation: 5169

A classic problem with in-app purchases! For this, what you really need is a server to manage the subscription status for your user IDs, and don't rely on the device receipt after the initial purchase occurs. In the example you provided, when user B logs in and tries to purchase, they'll receive a message from Apple that the subscription is already owned, and you don't do anything; user B doesn't get access.

The real fun begins when user B tries to then do a restore - since you should have some restore functionality in your app. For restores, you should send the receipt to your server still, but you'll want to check if the same receipt is already associated with another user before giving access to user B. If you see that user A already has the same receipt, you can either return an error to user B, or transfer the receipt from user A to user B - giving user B access and revoking access for user A.

The details of building this out would be a much larger post, but hopefully this can point you in the right direction. There are also third-party tools like RevenueCat that are built for this type of thing (Disclaimer: I work there).

More info on building an IAP server: https://www.revenuecat.com/blog/altconf-subscriptions-are-hard

Upvotes: 5
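The server-side check described in the answer above, as an added example that is not part of the original answer or of any library named on this page: a ledger that binds each purchase token to one app account and either rejects or transfers a second claim. `SubscriptionLedger`, its methods, the policy names and the sample tokens are hypothetical, and the token and expiry are assumed to have been verified with Google / Apple on the server before `claim` is called.

```javascript
// Added example: in-memory stand-in for a server-side entitlement table.
class SubscriptionLedger {
  constructor() {
    // purchaseToken -> { userId, expiresAt }; one owner per store purchase
    this.ownerByToken = new Map();
  }

  // Called on purchase and on restore, after server-side receipt validation.
  // policy "reject": the second account gets an error.
  // policy "transfer": the entitlement moves and the previous owner loses it.
  claim(userId, purchaseToken, expiresAt, policy = "reject") {
    const existing = this.ownerByToken.get(purchaseToken);
    if (existing && existing.userId !== userId) {
      if (policy !== "transfer") {
        return { granted: false, reason: "owned_by_other_account" };
      }
      this.ownerByToken.set(purchaseToken, { userId, expiresAt });
      return { granted: true, revokedFrom: existing.userId };
    }
    // First claim, or a renewal by the same account: record the new expiry.
    this.ownerByToken.set(purchaseToken, { userId, expiresAt });
    return { granted: true, revokedFrom: null };
  }

  // Access is decided from the ledger, never from the device's "owned" state.
  hasAccess(userId, now) {
    for (const rec of this.ownerByToken.values()) {
      if (rec.userId === userId && rec.expiresAt > now) return true;
    }
    return false;
  }
}

// Constructed scenario: user A buys on phone A, user B then logs in there.
function runDemo() {
  const ledger = new SubscriptionLedger();
  const now = 1000;            // constructed timestamps, arbitrary units
  const token = "tok-constructed-1";
  ledger.claim("userA", token, 5000);
  const purchaseByB = ledger.claim("userB", token, 5000);            // rejected
  const restoreByB = ledger.claim("userB", token, 5000, "transfer"); // moved
  return {
    purchaseByB,
    restoreByB,
    aHasAccess: ledger.hasAccess("userA", now),
    bHasAccess: ledger.hasAccess("userB", now),
  };
}

console.log(runDemo());
```

In a real backend the uniqueness of the token-to-user binding would be enforced by a database constraint rather than a `Map`, so that two concurrent claims cannot both succeed.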

cubesareneat

Reputation: 322

Can you have it so they purchase tokens that can then be used to activate an account on your end?

Upvotes: 0
