In-App Purchase Validation

Overview

To ensure the legitimacy of the Purchases received from the Billing SDK and avoid potential fraud, this document provides guidelines and instructions on how to implement the validation of In-App Purchases in your app. To apply this validation, you need to perform a Server-to-Server call to our service with the transaction information. This transaction information is obtained in the Client-side App and should be shared to your backend service to perform the validation.

Client-side code

The app sends the Purchase response to your server, through this method:

• Using the Android Billing SDK directly
  Follow the instructions to implement the client-side code within your Android application using the Android Billing SDK.

This is what the Purchase response will look like:

 {
  "packageName": "your.package.name",
  "sku": "yourSKU",
  "token": "catappult.inapp.purchase.anIdWithNumbersAndLetters",
  "developerPayload": "stringBasedDeveloperPayload",
  "itemType": "inapp",
  "isAutoRenewing": false,
  "orderId": "anIdWithNumbersAndLetters",
  "signature": "internalAptoideConnectSignature",
  "originalJson": {
    "orderId ": "anIdWithNumbersAndLetters",
    "packageName": "your.package.name",
    "productId ": "yourSKU",
    "purchaseTime": 123456789,
    "purchaseToken": "catappult.inapp.purchase.anIdWithNumbersAndLetters",
    "purchaseState": 0,
    "developerPayload": "stringBasedDeveloperPayload",
    "autoRenewing": false,
    "type": "inapp"
  }
}

Documentation:

• Client-side Android SDK Documentation

Remote Check

Your server needs to be able to receive the necessary information from your application and send it to our server for validation. It then processes the response from our server and relays the appropriate result back to your application.

Documentation:

• Server-side Documentation