Apple patching in-app purchase bug that allowed buying for free

5comments
Apple patching in-app purchase bug that allowed buying for free
Just recently, news broke that Apple’s implementation of in-app purchases is flawed, allowing hackers like Russian Alexey Borodin to circumvent Apple’s servers and trick apps into thinking you’ve paid for things inside it while you actually haven’t. This was all possible because of two things - first Apple didn’t use a unique identifier for each of the purchases, and secondly because developers often neglected to validate their in-app purchase receipts.

And now Apple is introducing a unique identifier for each of the purchases - a likely step towards patching that bug. It’s actually not completely clear whether the newly implemented unique identifier for in-app purchases is indeed aimed at patching that hole in the system, but at least that’s the most likely reason, especially as Apple adds it mere days after the hack was made public.

For the time being, though, you can still circumvent the system and use a third-party server to fool apps into thinking you are buying items while not actually paying.

source: MacRumors

Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless