Yesterday the news fell that Apple was finally allowing free iPhone apps to include in-app purchases. Until then, developers who wanted to offer a free trial of their applications had to create 2 versions: a full-featured paid version, and a “lite” stripped-down version with very basic features.
The news was very well welcome, especially by developers who see in this new system a chance to reduce application piracy. Two articles got my attention yesterday as they were insinuating that in-app purchase for free apps was the end of piracy.
Here’s the trick: while you can crack an iPhone application and throw it up for all to download in a matter of seconds, you can’t fake an In-App purchase receipt. A pretty notable chunk of the In-App purchase process is actually handled on the developer’s server, in addition to Apple’s – so unlike the initial purchase (which devs actually get to know very, very little about), developers know pretty damn well exactly which iPhones should be running which In-App Purchase. Developers have a specific receipt for each in-app purchase, which resides on their server. Faking this would be like tricking Amazon into shipping you a TV that you didn’t pay for.
“Will this help in anti-piracy measures?” Definitely. StoreKit allows developers to validate receipts, ensuring that unlock codes are only sent to paying customers. Add a hash-check algorithm for the current device and developers have better control over who gets to use their applications.
I am not much of a technical person (“StoreKit” and “hash-check algorithm” sound like Chinese to me) but I really doubt that in-app purchase is the end of piracy. If anything, it’s going to start a new era of iPhone app piracy.
To crack an application, you first have to download it. So let’s say I’m a cracker, I download the app, I pay for the in-app purchase that “unlocks” the full-featured app. Now that I have everything, I just need to crack the application and make it available to the general public.
Nothing changes. Maybe the way I crack the application changes. Maybe I have to bypass a few new protections like the StoreKit thing, but in the end, if I have the full application to work on, there will always be a way to trick the app into thinking it is legit.
So to me, in-app purchase will not kill iPhone apps piracy. At best, it will slow it down and instead of getting the cracked version of XYZgame in 2 hours after the release, I’ll get it in 3 hours. At the end of the day, you still get your cracked app.
As I said above, I’m not technical at all and I might be missing something here. I’m interested in hearing what you have to say about it. Do you think in-app purchase will put an end to iPhone app piracy? Why? How? Leave a comment to share your views.