Trying to verify Android in-app purchases with Google Wallet

2
votes

Our game is an in-app purchase game and we would like to verify the order id on our own security server.

We’ve received the purchase result from Google on device, and we are looking for a way to get the order information from developer’s Google wallet by order id which includes in purchase result, because there are some users that use some ways to pass our purchase verification on device without pay.

We can check all the orders on our Google wallet account, so there should be an API for developers to get the order information and we’ve googled for the key words “Google Wallet API”, “Android order id”, etc. but found nothing we can use.

Do you have any clue for this? Or how are you guys verifying orders with the order id?

1
androidin-app-purchasein-app-billingandroid-pay
Did you look at this - developer.android.com/google/play/billing/index.html?Shmuel
to David, Yes, we've checked the document few times and found "Security Recommendation". And we use the verifyPurchase() to verify signature which in the response from Google, but it always return true, even run the game under hack app.Leo Yin
What exactly do you mean by "Because there are some users use some ways to pass our purchase verification on device without pay"?EdSF
Sorry for that unclear. I mean, here is a mismatch between the order list on Google wallet and the list that game server handle orders. We've found there is a hack app name "Freedom" can buy virtual items in -app without pay, but you have to root your device first.Leo Yin
The point of this question is how to get the order information from Google wallet by order id ? then our game server can verify the order is correct or not. :)Leo Yin

1 Answers

1
votes

Purchase verifycation can be done using Purchase Status API:

Using that, you can check purchaseState, consumptionState and developerPayload, which was sent in your purchase request and can be an unique identifier of the user. For more info see: Purchases products API info