Wednesday, January 30, 2013

Re: [android-developers] Re: Unmanaged items in v3 billing API?

While the v3 API is much nicer and simpler, managed consumable v3 items don't seem to be a replacement for unmanaged items in v2. Looking at the reference docs for v3 (http://developer.android.com/google/play/billing/billing_reference.html) and v2 (http://developer.android.com/google/play/billing/v2/billing_reference.html), v3 doesn't seem to support the idea of nonces, and therefore doesn't support the concept of server-side verification of purchases.

In v2, a client could make an unmanaged purchase with some chosen nonce, and then send the signed data and signature to the server. The server uses its copy of the public key to verify that the signature is correct, applies the purchase to the user's account (i.e. provisions the purchase), and records the nonce in its database. If the user tries to replay the purchase with the server, the server won't apply the purchase again because the nonce has already been seen.

In v3, the client is responsible for everything. After purchasing the managed item and immediately consuming it, our client would then have to send a request to the server to provision the purchase there. This is ripe for abuse. Even if you use HTTPS and send some "secret value" in the request, it takes little effort to use mitmproxy (http://mitmproxy.org/) or something similar to see what data was sent, and replay it repeatedly to apply the same purchase multiple times.

So it seems like v3 has traded v2's genuine security for security by obscurity.

- Mike
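The server-side check Mike describes for v2 (verify the signature with the app's public key, then refuse any nonce already seen, so that replaying the same signed purchase against the server, the attack he describes for the v3 flow, does nothing) as an added example in Go. This is not code from the thread or from Google Play. Assumptions: the signed-data JSON is trimmed to a nonce and a minimal "orders" array rather than the full Play schema; a throwaway RSA key generated in-process stands in for the Play signing key (in production only Play holds the private half and the server loads the public key from the console); SHA1withRSA (PKCS#1 v1.5 over SHA-1, base64 signature) is the v2 scheme; and the "database" of seen nonces is an in-memory set.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"sync"
)

// Order is one entry in the signed-data "orders" array, trimmed to the fields
// this example needs (assumption: not the complete Play v2 schema).
type Order struct {
	OrderID       string `json:"orderId"`
	ProductID     string `json:"productId"`
	PurchaseState int    `json:"purchaseState"`
}

// SignedData is the JSON the client receives from Play for a v2 purchase:
// the client-chosen nonce plus the orders it covers.
type SignedData struct {
	Nonce  int64   `json:"nonce"`
	Orders []Order `json:"orders"`
}

var (
	ErrBadSignature = errors.New("signature does not verify under the app's public key")
	ErrReplay       = errors.New("nonce already provisioned; replay rejected")
)

// Verifier is the server side: the app's Play public key plus the set of nonces
// already provisioned (a map here; a unique-indexed table column in practice).
type Verifier struct {
	pub  *rsa.PublicKey
	mu   sync.Mutex
	seen map[int64]bool
}

func NewVerifier(pub *rsa.PublicKey) *Verifier {
	return &Verifier{pub: pub, seen: map[int64]bool{}}
}

// Verify checks SHA1withRSA over the raw signed-data string first, so that
// tampered JSON (or data signed by another key) never reaches the nonce logic,
// then checks and records the nonce under one lock so a concurrent replay
// cannot slip in between the check and the record.
func (v *Verifier) Verify(signedData, signatureB64 string) (*SignedData, error) {
	sig, err := base64.StdEncoding.DecodeString(signatureB64)
	if err != nil {
		return nil, ErrBadSignature
	}
	digest := sha1.Sum([]byte(signedData))
	if err := rsa.VerifyPKCS1v15(v.pub, crypto.SHA1, digest[:], sig); err != nil {
		return nil, ErrBadSignature
	}
	var sd SignedData
	if err := json.Unmarshal([]byte(signedData), &sd); err != nil {
		return nil, err
	}
	v.mu.Lock()
	defer v.mu.Unlock()
	if v.seen[sd.Nonce] {
		return nil, ErrReplay
	}
	v.seen[sd.Nonce] = true // provision the purchase in the same transaction
	return &sd, nil
}

// SignPurchase stands in for Google Play, which alone holds the private key.
func SignPurchase(priv *rsa.PrivateKey, sd SignedData) (string, string, error) {
	data, err := json.Marshal(sd)
	if err != nil {
		return "", "", err
	}
	digest := sha1.Sum(data)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA1, digest[:])
	if err != nil {
		return "", "", err
	}
	return string(data), base64.StdEncoding.EncodeToString(sig), nil
}

// newDemoKey makes a throwaway key so the example runs offline (assumption).
func newDemoKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

func main() {
	play := newDemoKey()
	srv := NewVerifier(&play.PublicKey)
	data, sig, _ := SignPurchase(play, SignedData{Nonce: 8675309, Orders: []Order{
		{OrderID: "order-1", ProductID: "coins_100", PurchaseState: 0}}})

	_, err := srv.Verify(data, sig)
	fmt.Println("first submission:   ", err) // <nil>: provisioned
	_, err = srv.Verify(data, sig)
	fmt.Println("replayed submission:", err) // ErrReplay
	_, err = srv.Verify(strings.Replace(data, "coins_100", "coins_1000", 1), sig)
	fmt.Println("tampered submission:", err) // ErrBadSignature
}
```

The order of the two checks matters: the signature is verified over the exact bytes received before they are parsed, so the nonce set only ever fills with values Play actually signed, and a client cannot burn nonces or provision itself anything by submitting JSON of its own.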


On Wed, Jan 30, 2013 at 2:03 PM, William Ferguson <william.ferguson@xandar.com.au> wrote:
Managed consumable items in V3 are the replacement for unmanaged items in V2.

I think it is a good move. It has greatly simplified the concept IMHO.

And the V3 API looks much, much better.

William


On Thursday, January 31, 2013 3:56:04 AM UTC+10, Michael Parker wrote:
Hi all,

Reading http://developer.android.com/google/play/billing/index.html, it seems that they're really pushing for devs to use v3 of the API. At the end, it says you should use v2 if "you want to sell subscriptions in your app." But v3 doesn't handle selling unmanaged items, while v2 does. It seems that you could simulate selling unmanaged items in v3 by actually selling managed, consumable items that the client immediately consumes. Is this encouraged? Is there a better way to sell unmanaged items in the v3 API?

Thanks,
Mike

--
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
---
You received this message because you are subscribed to the Google Groups "Android Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

