question

chris-test avatar image
chris-test asked

Security question

Just about ready to publish my app but I have a security issue I need to understand first. This is my first time using both the Amazon app store as well as IAPs, so sorry for my lack of understanding. My question is, what is stopping a customer from installing the SDK Tester themselves, creating a simple json file with data obtainable from the client apk, and circumventing the Amazon IAP servers? Do I need to check of the SDK Tester is installed and if so block access? Or is this a simple flag that I'm not seeing, or is there some other solution to prevent such a method of piracy? Thanks in advance.
iap
10 |5000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

3 Answers

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Hello Chris, The live version of your app, that is distributed through App Store will never talk to SDK tester and it will always fetch the IAP items from live server. SDK tester is provided for developer to test IAP in sandbox mode in the apk what is not submitted to us. You should not worry about this and please do not put any unnecessary check in your code.
10 |5000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

chris-test avatar image
chris-test answered
Thanks for your response. I'm curious do I need to set a flag once I'm ready to submit the live version? If not, do you guys modify the app in some way after I submit it that prevents it from talking to the SDK tester?
10 |5000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Sujoy@Amazon avatar image
Sujoy@Amazon answered
Hi Chris, You [b]do not have to handle[/b] it from code. Our system detects it and work accordingly. Sorry for not making it clear in the first time. Thanks.
10 |5000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.