Lets say there is an app that offers in app purchases, If user A came and bought item X from the app then I think from what I understand that his/her primary device account will remember what user A bought (assume the primary email is : userA@gmail.com).
So that now userA@gmail.com knows that item X is a purchased item.
If user A gave user B his/her primary account (userA@gmail.com with the password) then user B will add this email as his primary account, and user B will simply access item X and this is the same for any user that might happen to know user A.
My question:
If user purchases are remembered by their primary account, then how to prevent users to pass their accounts to each other and access things for free?
Any ideas?
Thanks.
This is normal, as you can give your password to another person. In this case, the user remains the same, only the device changes. In-App billing associates a product (consumable/non-consumable) to a userID. The question here is not on the in-app billing side, but in how the game actually handles the item consumption.
Let's put things in another perspective: you buy something on device A, with account X. Then you try to login on device B, with account X. Your stuff will remain there (sometimes games have a "refresh purchases button", that in fact just call the in-app billing services to retrieve the products/items associated with that userID, so that the game can refresh the items in-game), but if you login with an account Y, that never purchased anything, even on device A, the in-app billing will retrieve nothing (because you never purchased anything in on account Y), so you will see nothing purchased in your app/game.
You can purchase stuff, and pass your account to other people, but they will not be able to "move" or "trade" items from your account into theirs.
EDIT: However you can try and add the getPurchases() method, so that it can retrieve the non-consumed items of that userID, after the login.