Thanks a lot for the response PBK.
Regarding your first point, do you know if there is any way to get an official response from Apple on matters such as this one? We would like to be completely sure on our decision here, given the sensitive nature / potential for abuse of in app purchases.
But the secret could be used to hack the receipt validation process
How would such a hack work? If the secret is only good for validating the receipt, then I assume the most the attacker could do is validate receipts on our behalf? Perhaps the attacker could send a large number of requests to Apple's API using our secret, leading Apple to rate-limit or cut-off our API access?
Many thanks,
Alex
AlexCheema
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution