Check AppleID

Just wondering… if I submit an app to the MAS, and it someone buys the app. Is there a way for the app to verify the appleID?

you can count the number of sells, but that’s all you get from apple …

Yeah, I was aware of that. But it would be nice to compare the AppleID the app was purchased with and the AppleID of the machine. This way it makes it a bit harder for the pirates out there.

I was also thinking of making a free app but with in-app purchases. This way the app will have it’s power functions locked until the user buys the in-app purchase or restores the purchase.

Don’t overthink it. Better spend more time making sure your app is as perfect as possible. Worse than the accasional pirate, is the bad review that dries up all future sales.

As for free + in app purchase, I did not ry it yet, but seems like a good plot. Make sure the full app is also available. Some people hate in app purchase.

You are right. I’m not a fan of it either. But I think it helps against piracy.

I doubt free + iAP fights so much against piracy. It is probably much more a way to provide sort of an evaluation sample to the user.

If you put your app in the MAS, Apple handles security for you. I would expect that a check-ID scheme such as you propose would get a rejection. In app purchases seems to be the wave of the future (more so on the iOS store than the MAS). I investigated that and found setting it up not using Xcode to be non-trivial. I think MBS had a plugin to help.

what’s the best practice: free app and inapp purchase, or a free app and a pro app ?

Like Michel said, Most people don’t like it…

In a game it is very common to buy credits or something like that. People accept that more than unlocking features.
But I do have some pro-apps, like a clapperboard I used for filming, with timecode sync functions (using the headphone jack to send a timecode signal to pro-cameras). These advanced features are iAP.
That was for iOS though. I have not run into apps for OS-X that have iAP.

In app purchase in free apps in increasingly common in the App Stores.

But I believe there are a significant number of users who simply want to get the complete app and be done with it.

At least, that is what I see on my web sites, where I systematically offer a free app for evaluation. And indeed, these app offer to buy from inside they app. What I do is to showURL, so users don’t have to purchase from the app itself.

I also noticed a significant number of users prefer to buy from online stores rather than the web site.

You don’t get any customer information from Apple. You may get some if you ask the user to sign up for your mailing list or something in a pop-up, but I forget if this is against the Mac App Store rules or not.

Regarding security, it is definitely possible to do a bit of cryptographic security to discourage the casual copying of your app (e.g. Adam buys your app and sends it to Cecilia, who then runs it on her computer without any problems). To do that, you should check that the Mac App Store cryptographic signature is still valid (has not been tampered with) and exit with error code -173 if it’s not.

That special exit code tells the OS to prompt the user for their App Store credentials, so that the real, un-tampered app can be downloaded from the store.

Of course, if people share App Store credentials there’s nothing you can do; that’s entirely handled by Apple. Anecdotally, I think the limit is 5 installs but that is a “soft” limit.

I still don’t like it. :wink:

Nobody said you had to like or dislike it.

We do have a few classes to check in-app purchase receipts:

So you could validate the receipt file and see what was purchased.

  1. You must use Apple’s “Receipt” reading functions, even if your application is FREE. You can download the source code and a demo application from my Xojo site This will give you basic protection.

  2. You are not allowed to add your own solution on top of Apple’s.

  3. Extracting the user’s AppleID is an invasion of privacy; unless you’re a promoted highly visible Apple partner, you’ll be in trouble for doing this. I downloaded a competitors app that Apple was promoting, and ended up having my AppleID e-mail spammed by that company, yet Apple have never removed that product (although it may have been fixed a future version).

  4. In-App-Purchase must be done via a plugin (this is at least what I have discovered).

  5. In-App-Purchase has been a dead end for us, we have 3 apps which use IAP and made about $300 from all 3 combined last year.

  6. According to the Apple guidelines, a IAP application must be able to stand on it’s own without the customer purchasing anything.
    a) This makes it hard to strike a balance between a useful FREE application and enough exciting features to upgrade too.
    b) IAP functions must be hidden until purchase, disabled is not accepted.
    c) You can’t use IAP with a time limited trial as time limited trials are not allowed on the App Store.
    d) You can’t use IAP with a version that watermarks files, as this is not allowed on the App Store.

I’ve seen plenty of apps that do not abide by these rules and get accepted; so YMMV, but these are the rules.

  1. Totally FREE apps with a upgrade button to the “Pro” version is where we’ve seen the most traction on the App Store, pretty much the same version as you would offer for IAP, but instead of the IAP functionality you simply redirect people to the App Store page for your ‘Pro’ version. For some reason people are happier to purchase a Pro version, rather than pay for a features to be unlocked in a FREE version.

  2. Offer a version on your own site with trial capabilities. This way customers who come to your site can download a fully functional trial version (time limited is what has worked best for us) and test drive your product before shelling out their cash.

Our latest product which is aimed at higher-end consumers/prosumers sells better through our own site than the App Store. Meanwhile our apps that are aimed at regular consumers sell better through the App Store.

All my recent free evaluation versions on my sites have iAP with both PayPal and the MAS buttons. It would seem that it give a sense of confidence to the user. But they mainly buy from the MAS in the end, not through Paypal. Yet, I send them to the default browser in order to keep the level of security.

I have tried both limited features and time limit. I am still undecided.

I have not decided yet to use the limited app+iAP in the MAS.