I have an app that I will offer 7 free uses on a certain function inside the app. Then after the seventh use, I will disable the function until a purchase is made. My question is can the user unistall the app and reinstall to use the 7 free uses again? If so, what would be the alterantive.
Thanks I am currently using NSUserDefaults.......
Yes, they can delete and reinstall. The solution is 1) use a free IAP to enable the trial period. 2) use the keychain - it survives delete and reinstall 3) use the user's iCloud key-value file.
Well that's unfortunate for my use of the keychain to store 'permanent' information of a user.
I don't know what you are doing. Maybe you know something I don't. But, in general, I don't know of any way to prevent access and deletion of data. They can always use FS events to find the data you are writing. They can use local snapshots to reset and try again. Apple has the mysterious data vaults, but even those are vulnerable to disabling SIP. If you keep looking for obscure tricks, you start to run the risk of using something that isn't reliable or that you don't fully understand or control. Hackers are definitely an annoyance, but breaking DRM for all users is an existential risk.
And hackers are perfectly capable of disassembling your binary and changing it. Don't assume you are too small-time for them to bother. I'm most definitely small-time and my software is regularly cracked and publicly posted on the internet. They even charge money for it.
But you need some way of permanently identifying a particular user or device - what do you use for that? Can't a user delete and reinstall an app and then reappear on your server as a new user?
That's what receipts and activation codes are for. In the Mac App Store, I use the receipt. Network requests include the app receipt which I can verify with Apple, and then double-check Apple's response to make sure it is my receipt. I do something similar with my Developer ID version. It is tricky though. This is one of many points that the anti-App Store crowd conveniently forget. Your 30% comission pays for a first-class DRM infrastructure.
I simply need some way of recording the date of first use of the app so I can provide a 'free trial period' for some enhanced feature in the app. I refuse to use a 'free IAP' because it can be hacked using a delete-and-reinstall using a new App Store account.
1) The level of security needs to match the need. A simple 'hack' of deleting and reinstalling the app is really all I need to defeat. A more sophisticated hack of disassembling the code is somethng I can ignore. I see now that there is some debate as to whether or not the keychain survivies delete-and-reinstall in more recent iOS versions. I will need to do something else.
2) The app receipt, prior to the purchase of an IAP, does not contain an identifier for the user.
3) So this takes me to CloudKit as a permanent record to record the first-use date of the app by a user (identified by their Apple ID not App Store ID).
4) unless you have some other suggestion. I do not maintain a server (other than CloudKit).
I see your other question. I will add an additional reply there. It is possible that I've been misleading you. I was speaking strictly from a macOS perspective. I don't know about the keychain on iOS.
This might be something you could do pretty easily on AWS lambda.
