Receipt Validation

The receipt for an application or in-app purchase is a record of the sale of the application and of any in-app purchases made from within the application. You can add receipt validation code to your application to prevent unauthorized copies of your application from running. Refer to the license agreement and the review guidelines for specific information about what your application may and may not do to implement copy protection.

Receipt validation requires an understanding of cryptography and a variety of secure coding techniques. It's important that you employ a solution that is unique to your application.

Validating Receipts With the App Store

Validating with the App Store requires a secure connection between your app and your server, and code on your server to validate the receipt with the App Store.

Use a trusted server to communicate with the App Store. Using your own server lets you design your app to recognize and trust only your server, and lets you ensure that your server connects with the App Store server. It is not possible to build a trusted connection between a user’s device and the App Store directly because you don’t control either end of that connection.

Communication with the App Store is structured as JSON dictionaries, as defined in RFC 4627. Binary data is base64 encoded, as defined in RFC 4648.

To retrieve the receipt data,  use the AppStoreReceipt property of ISN_SKPaymentQueue to locate the app’s receipt, and then read the entire file. Send this data to your server—as with all interactions with your server, the details are your responsibility.

using SA.IOSNative.StoreKit;
var receipt = ISN_SKPaymentQueue.AppStoreReceipt;
Debug.Log("Receipt loaded, byte array length: " + receipt.Data.Length);
Debug.Log("Receipt As Base64 String" + receipt.AsBase64String);

Learn here how to properly build the communication between your and apple server after you have obtained the receipt.