I have some questions about the values passed in StoreKit's applicationUsername and appAccountToken.
Hello,
I am using StoreKit to provide in-app purchase functionality.
To support devices running iOS 15 and below, I am using both StoreKit v1 and v2.
I have some questions regarding the values for applicationUsername and appAccountToken.
We are planning to convert a value used for user purchase verification into a UUID and pass this value as applicationUsername and appAccountToken.
Since the UUID is not a fixed value like a user ID, a different value will be passed each time a purchase is made. We would like to know if there are any issues with passing a different value each time.
Additionally, if anyone has experience using a dynamically changing value like a payload instead of a fixed user ID, we would appreciate it if you could share your insights.
StoreKit (Original API)
let payment = SKMutablePayment(product: product)
payment.applicationUsername = uuid
SKPaymentQueue.default().add(payment)
StoreKit
try await product.purchase(
options: [
.appAccountToken(UUID(uuidString: uuid)!)
]
)
The reason I'm asking these questions is because I came across a past document related to Detecting Irregular Activity:
In the latest documents, this content is missing, so implementing it as described above seems to be fine. However, since the payment functionality is critical, I need to confirm.
Past document
What can I do to help combat fraud during purchase transactions?
Recent documents
requesting_a_payment_from_the_app_store
applicationUsername
For the original StoreKit API, there was content related to detecting irregular activity as mentioned above. However, for StoreKit v2, the appAccountToken does not seem to have such restrictions.
Confirming this would greatly help in our service development.
Thank you.