Apple offers developers temporary fix against free in-app purchases
Apple provides developers with a temporary method against fraud with free in-app purchases. The company is working on an iOS fix. There is also an exploit for OS X apps. The App Store will be down worldwide on Saturday morning.
Apple has confirmed that in-app purchases can be fraudulent and has posted a Q&A online for developers explaining how to prevent users from circumventing the payment method. The Cupertino company is working on a fix that should permanently solve the problem, discovered 9to5Mac. Last week, a Russian developer revealed the hack, which requires the user to install some profiles and change DNS settings. The method doesn’t work with every app.
Meanwhile, the same Russian hacker has disclosed a method for allowing users to make free in-app purchases of applications for OS X as well. Here too, the user must point his system to the Russian server after DNS changes. That server then pretends to be the Mac App Store and provides the authentication required for the purchase. In addition, the user must run a separate app called ‘Grim Receiper’, thus The Next Web.
On Saturday morning, Apple’s App Store is experiencing downtime worldwide, writes also The Next Web. Apple would not have announced any scheduled maintenance. It is unclear whether the downtime is related to the circumvention of in-app purchases.