Securing Content in Google Play In-app Billing

Hello developers, I am sure you have all worked with Google Play In-app Billing (if not, don’t worry, you will in the future). In-app Billing handles purchases made through your app: the user buys an item in the app and pays with their bank details. The whole process goes through Google Play In-app Billing, and here we discuss what developers should keep in mind when publishing an In-app Billing app to the Play Store. These points will help an application

Here are a few points to keep in mind while working with In-app Billing:

  • Do not bundle your content in the APK, as attackers can extract it and distribute it. Instead, put it on a remote server and parse it as needed. This keeps your content safe and always fresh.
  • Use tools like ProGuard to shrink, optimize and obfuscate your code, so that it is difficult for attackers to reverse engineer it and data integrity is ensured.
  • Perform verification on the server side instead of on the device; this prevents attackers from learning the verification process by reverse engineering your APK.
  • Protect your Google Play API key at all costs; try to transform it using bit manipulation so that the actual key is hidden.
  • The In-app Billing version 3 API has a developer payload string, used to send any details of a purchase to Google Play; Google Play returns the same string in its response. Pass this string as a token in your application; it helps you identify the user who made the purchase and whether the transaction was genuine.
  • If you built your application from the sample application code, don’t forget to modify that code before releasing the app to production, and try to use only the sample provided by Google.
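
The server-side verification and developer payload points above can be combined as in the following added example, which is not code from Google's sample or from this post: the server issues a payload bound to one user and product, then checks it in the purchase data the app forwards. `SERVER_SECRET`, the function names and the nonce set are assumptions made for illustration; `productId`, `purchaseState` and `developerPayload` are fields of the version 3 purchase data JSON.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: server-only secret, loaded from a secret store in production.
SERVER_SECRET = secrets.token_bytes(32)


def _tag(user_id, product_id, nonce):
    # JSON-encode the fields so different field splits cannot collide.
    msg = json.dumps([user_id, product_id, nonce]).encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()


def issue_payload(user_id, product_id):
    """Token the app passes as the developer payload of the purchase request."""
    nonce = secrets.token_hex(8)
    return f"{nonce}.{_tag(user_id, product_id, nonce)}"


def check_purchase(purchase_json, user_id, seen_nonces):
    """Server-side check of the purchase data forwarded by the app."""
    try:
        data = json.loads(purchase_json)
        product_id = data["productId"]
        nonce, tag = data["developerPayload"].split(".", 1)
    except (ValueError, KeyError, TypeError, AttributeError):
        return False  # malformed or missing fields
    if data.get("purchaseState") != 0:  # 0 = purchased
        return False
    expected = _tag(user_id, product_id, nonce)
    if not hmac.compare_digest(expected.encode(), tag.encode("utf-8", "replace")):
        return False  # payload was not issued to this user for this product
    if nonce in seen_nonces:
        return False  # same purchase data replayed
    seen_nonces.add(nonce)
    return True


if __name__ == "__main__":
    seen = set()
    # Constructed sample purchase data, not captured from Google Play.
    purchase = json.dumps({
        "orderId": "constructed-order-1", "productId": "gold_pack",
        "purchaseState": 0, "developerPayload": issue_payload("alice", "gold_pack"),
    })
    print(check_purchase(purchase, "bob", seen))    # token bound to another user
    print(check_purchase(purchase, "alice", seen))  # genuine purchase
```

This check covers only the payload binding; the purchase data's signature still has to be verified on the server as well.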

Make sure you follow these points before publishing your application, as this would prevent malicious attacks on your application.

For more details, see the following link:

http://developer.android.com/google/play/billing/billing_best_practices.html

Hope you find this useful.

Thanks for reading :).
