View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0018063||Runner||IAPs||Public||2015-05-27 09:07||2019-09-02 11:20|
|Priority||High||Severity||C - General||Reproducibility||100%|
|Target Version||2.2.4||Fixed in Version||2.2.4|
|Summary||0018063: IAPs: Checking if an IAP product has been refunded using iap_refunded always returns false|
|Description||Checking to see if an IAP has been refunded by using something like "if (ds_map_find_value(map, "status") == iap_refunded)" will always return false. To verify 100% I have tested using a live IAP that was refunded using a personal tester account for Google Play.|
Allows a player to essentially keep their IAP(s) while getting their money back, thus "cheating the system". If iap_refunded returned true I could react appropriately by "taking away" the IAP from the customer who got their refund, which would end in a fair outcome.
|Additional Information||Original helpdesk ticket: http://help.yoyogames.com/tickets/85441|
|Tags||No tags attached.|
|1.4 Found In||1.4.1567|
|2.x Runtime Found In|
|2.x Runtime Verified In|
The current Google Play "Billing" system doesn't appear to have any concept of refunding a standard durable/consumable product - only one call to get the list of revoked subscriptions. However, this subscription revoke call is a HTTP request you would have to do via your custom payment web server and isn't part of the SDK for us to implement in the updated IAP library offered alongside 2.2.4 (the functionality to support payment servers will be there, but you will have to write the server yourself). Under the current Google Play model, you should basically be querying every startup which IAPs have been purchased, at which point refunded ones won't be returned, and then you only unlock restricted content for that one game session. That way, if a purchase is refunded it's only "exploitable" until the game is restarted (or, if using a custom server and opted-in to Google's notification service, you could send a message to the game to turn it off immediately).
Suspect we now actually need to just make iap_...() functions write to the console that they have no effect on Google Play/Apple platforms/Amazon.
As suggested above, the function is now gone. Closing as "Fixed".
You will need to handle receipt validation and only unlock the items you successfully validate / don't unlock things which don't pass validation. This is the same on all Apple platforms, Google Play, and Amazon.