We received some disturbing tips today that a Russian developer has published a method of obtaining in-app purchases from iOS apps for free. The “in-app proxy” method does not require a jailbreak, can be completed by novices in three steps using just an iOS device, and allows users to install in-app content for free. The hack also works on all devices running iOS 3.0 to 6.0.
Only works if the developer of the app doesn’t verify the store receipt after “purchasing”
Apple’s in-app purchasing process circumvented by Russian hacker →
iOS Developer Library: Verifying Store Receipts →