* User presses confirm on the IAP
* We send the purchase info to our servers
* We then give our user the virtual goods (on the server)
If we can have all the information to do the verification cryptographically (like the nonce, etc), then we’ll do the verification on the server side. Verification on server side is always more secure. Client side verification can always be hacked.
I would need to verify purchases with an external server, (the signed JSON message) since the consumable content is handled by this server.
It is indispensable feature for online mobile game.
[import]uid: 155824 topic_id: 29209 reply_id: 329209[/import]