iOS app developers reveal that Apple has started adding a field called “unique_identifier” to receipts, most likely in an attempt to put an end to the hacking method made available a few days ago by a security researcher.Apple’s initial attempts to stop Alexey V. Borodin from helping users make in-app purchases without paying any money have failed.
The YouTube video made available by Borodin was removed, his server’s host stopped providing services to him, and even PayPal blocked his donations account. However, in a few hours, all of this was taken care of by the expert.
He even ensured that people would stop suspecting him of colleting their account details by making them log off their iTunes account before applying his hack.
Today, Borodin announced that Google has shut down the blog where the “getting started” instructions were displayed.
“Okay, it's time to move to another blog system. Let's free Google from problems coming from some fruit company. Okay, here is solution. Getting Started is now hosted on another server,” he wrote.
Now, according to MacRumors, app developers are reporting that Apple has introduced a unique identifier which includes the Unique Device Identifier (UDID) for the device that’s performing the in-app purchase.
The curious thing about this move is that the Cupertino company wants apps to stop collecting the UDIDs.
This may mean one of two things. The firm is either using the unique_identifier as a first stage in implementing unique receipt identifiers to increase security, or it is trying to locate the individuals who have shared their receipts with the Russian researcher.
On the other hand, Borodin has explained the reason why he is offering this service for iOS users. He claims that while apps can be downloaded for free as many times as the customer wants to, the “consumable” items in apps are lost.
“You can buy lots of consumable items in app, delete application, install it again. All is gone. Money too. No way to restore your purchases. Is it okay?” he explained.