This was a crazy week for Apple’s App Store thanks to a Russian hacker who was providing users a way through which they could download in-app purchases for absolutely free. We reported about the cat and mouse game that was going on between Apple and hacker. Now it seems like Apple has finally found a way to tackle the alarming issue of in-app purchase piracy, and that by issuing ‘unique_identifer’ for developers with every validation receipt issued for an in-app purchase. The validation receipts now have a new field that includes the UDID or Unique Device Identifier of the device.
On the other hand TNW says that it is too early to speculate that Apple is using Unique Identifiers to block the Russian hacker’s method to download paid content for free. Here’s what Matthew Panzarino of TNW has to say about MacRumors‘ story:
Since the change, which Macrumors says developers noticed as of today, comes in close proximity to the hack, it’s definitely possible that the two are related, but this identifier won’t do anything to prevent the hack as it stands. Apps will have to be updated to check the value, first and foremost, but proactive receipt validation with Apple’s servers that checks agains the ‘unique_identifier’ value is the only way this is going to do anything real from preventing a hack like this from happening again.
Anyways we know that guys are working their ass off to address this issue and stop the theft that has already allowed over 8,460,017 paid downloads for free, and so we expect hear something positive very soon. We will add more as this story develops.
- After Apple’s statement Russian hacker declares game over
- Apple takes action: Now blocking Russian servers that unlocked in-app purchases for free
- Russian hacker finds a way to bypass Apple’s payment method to download in-app purchases for free [updated]
- Apple sends email to developers regarding in-app purchase fraud
- Apple adds ‘Offers In-App Purchases’ tagline in iTunes and App Store description pages