I have a paid App with no in-App purchases. I have been performing local receipt validation for a couple of years now to prevent app piracy and never had a problem with app review.
My approach is to look for the receipt upon app launch and if it’s not there, ask the user to refresh the receipt. If the user doesn’t refresh, he can’t do anything else on the App.
The receipt is always there when the app is installed from the App Store so asking the user to refresh is only likely to occur during the review process or when I install the app from XCode where everything is working as expected.
Of course when the app calls for a refresh, the reviewer is asked to login, but this time it looks that they don’t like to be asked for Apple credentials or the login is not working anymore during review. They refuse to give details about what’s the exact problem. Is asking the user to refresh a problem?
What I’m supposed to do? I don’t want to leave my app unprotected but I need to get it approved. Am I using an uncommon validation process? Should I approach it differently? I don’t want to setup and maintain a server just for receipt validation.
Also, jailbreaking is not that common nowadays, is it? Maybe is not that bad to remove the validation process?