androidbillingin-app
Android In-App billing security issues?
During our efforts to design InApp Billing for our Android App, we came up with the following scenario;
- Customer has rooted/manipulatable device (so Market app + my app can't be trusted)
- Customer purchases a product
- Purchase state 0 (purchased) is send to our backoffice (all is checked and ok), we give credits.
- Customer refunds that purchase
- Customer has manipulated our app or the market app to locally confirm the refund and thereby prevent the refund notification to reach our backoffice server.
Is this scenario possible? How can we fix this?
Solution
First: if the user asks for a refund you receive also an email.
Second: the purchases on in-app billing are not refundable directly by the user. If a user wants a refund, he must contact you and then you can proceed manually to refund with your google wallet account.
So i think that your scenario neve happen.
Secondly if possible i suggest you to use managed purchases, in that case if the user asks for a refund, google market will remember it, and you can use a RESTORE_TRANSACTION to check if some refunds occurred (but again: you must grant a refund).
- Your app currently targets API level 30 and must target at least API level 31 to ensure it is built on the latest APIs
- How can I reduce the size of a library folder?
- Stream Audio from Client to Server to Multiple Clients Java
- Talkback does not specify index out of list count in RecyclerView
- Panorama 360 viewer with phonegap
- opening an external "file explorer" app: how to get absolute path from a uri pointing to a folder
- Which ParseException may be thrown on signup/login attempt
- What I should add as a key to LaunchedEffect to be changeable?
- Variable not updated in a Coroutine
- How To Stop Git-Bash command on windows
- Getting Error while Dexing. after upgrading flutter to 3.19.0
- Can't find the option to change privacy policy for Android app already on play store
- Button not responding to Click Event after Translation animation
- Using libcurl in C++ Android application using CMake
- Why compose adds extra text to Accessibility?
- packages have newer versions incompatible with dependency constraints
- How can I scroll to the beginning of a paged list after the start of the list is no longer presented
- why flutter_fortune_wheel always run instantly after page open?
- How to create Viewpager Transformation in Jetpack Compose?
- Remove underline from TextInputEditText
- String replace isn't working for some cyrillic characters
- How to create push notification with long text and picture in one style
- Android ListPopupWindow's method isShowing() does not work
- How to remove top and bottom padding exo player in android jetpack compose?
- flutter doctor --android-licenses does not work
- Eliminating Blinking Effect in Rotational Animation of List Elements
- Flutter Firebase and Android issue - unable to initialise. Cannot find google-services.json with latest (sept 2020) migration instructions executed
- Magento REST API for Android Application
- input type=number not possible to insert negative numbers on mobile phone
- Why doen't Compose trigger a recomposition on State update?