It is confusing that the receipt's ASN.1 "App Version" field contains CFBundleVersion, aka "build version". Apple's receipt validation guide states that this value should be verified. This raises two questions:
First, why verify App Version? If user purchased IAP from a different app version, in most cases won't we expect that IAP to still be valid?
Second, isn't "build version", which is not guaranteed to be unique across app versions, the wrong value to be verifying?
The purpose of this field is to allow the app to discover whether the user purchased an early version or a late version. Specifically, to convert an app that is originally launched as a paid app to a free app with IAPs - here's how you do it. You check this field and if it indicates the early, paid version you credit the IAPs. What I do is simply use a build numbering system with a dot. My early paid apps had all kinds of build numbers - frankly I don't recall them - but they did not start with a "12.". My newer versions all have build numbers that start with "12.". So all I need to do is check for a "12." - if it's not there the original app was a paid version.
Yes, it would have been more direct if this field contained the app version not the build version. There must be some reason why Apple was unable or unwilling to do that. But whatever the reason, this works.
