Handling Empty 'in_app' Attribute in App Store Receipts

You are only sending the receipt when you believe that a purchase has been made, right?

Do you know if the problem is permanent or transient? If the user can try again and then it works then it is less serious.

Have you actually looked at the raw receipt content to see if it contains any IAPs?

Possible causes include:

1. Your bug.

2. Apple’s bug.

3. User has hacked the app.

This is difficult to debug unless you are in contact with one of the end users who is affected. Consider adding something to the app encouraging users to get in touch when this happens. You can then ask them, for example, “what is unusual about you? did the payment go through? is your device hacked? are you running an iOS app on a Mac, or some other unusual setup?”.

In my experience, a small number of users will fail verification (specifically in my case, AppAttest and DeviceCheck) with no good reason. (I.e. I believe it is Apple’s bug). You should consider whether receipt validation etc. is actually worthwhile, compared to just trusting that the app is not hacked. I.e. is the cost of providing your paid content to users with hacked devices who have not paid more or less than the losses you suffer when a genuine user is declined and writes a 0-star review.