I am implementing in-app billing into an Android game and we want to use a server to store the purchase information.
According to what I understood so far, Android Market will return a callback to the app in the form of Broadcast receiver about the purchase status. But since we are persisting the transaction information on the server, my app has to make some http post request and update my server. There is a very high chance that this http post request could be imitated by some hacker manually. How do I validate that Android market receipt information from my server code? -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
