Unity IAP - Server-side validation

Hello,

I am implementing purchases for iOS devices using the Unity IAP, and I wanted to be capable of verifying those purchases from the server side. I found out about the verifyReceipt request, which was perfect for my case, and after implementing it, I saw that it is deprecated. I have been searching for a similar way of validating the transactions but haven’t found a similar system. Other alternatives that I have seen depend on having the device making the validation, which I want to avoid, or seem to be for subscriptions and not consumable purchases.

Does anyone know about a similar way for doing this validation on server side using Unity IAP?

Apple doc for the verifyReceipt request: verifyReceipt | Apple Developer Documentation

Thank you!

Hi there!

Validating receipts on the device is indeed not a secure method at all and should only be used for checking the general correctness of the receipt at best. For server-side validation, there are several ways available:

  • run your own server that receives receipt requests from your users and validates them with the App Stores, then returns the result back to the app
  • use a service that manages servers and offers receipt validation endpoints, but is mostly limited regarding re-validations like PlayFab or Unity Gaming Services

Therefore, I would like to introduce you to my asset, the Receipt Validator :slight_smile:
This is a managed service with a free plan, that can validate non/consumable products with Google or Apple at the time of purchase. On a paid plan, you could also make use of subscriptions and user inventory, so users request their purchase inventory when launching the app, and nothing is stored locally (further reducing the risk of hacks). The documentation has a quick start and store-specific guides to get you going quickly. Currently the service already validates thousands of purchases each month. If you’re interested, create an account and ask more questions in a support ticket, or here :wink: