Restore used to restore purchases for different accounts in ios app

Question

I had implemented the restore button in our app but it is causing us a issue where if the member created Account A from our app and pays through the appstore. then if he creates another member in our app and restores the purchase by tapping the restore button and putting in his app id in this fashion using just one apple app id he is able to have multiple platinum members by buying just once fo one single member and restoring multiple times for diferent members.

This is for an upcoming website and app where i have a free/basic plan for anyone who registers and then an upgradable one time/lifetime platinum plan. Now in my ios app I have received a message from Apple in the resolution center that "To restore previously purchased In-App Purchase products, it would be appropriate to provide a "Restore" button and initiate the restore process when the "Restore" button is tapped by the user."

Now if a member has upgraded from one device and is logging in from another ios device he will not be a basic member as he is already a Platinum member as per our database and hence will not see the buy/upgrade to platinum scene in our app.

Basically Can I avoid a rejection by removing the Restore button. What will be my solution the the above case

I have selected a Non-Consumable Purchase

Answer 1

is platinum membership associated with a specific login to your server? If so, then on your server, when you process the in-app purchase receipt and associated it with a user account you record the receipt ID. Every time you process a receipt, you check and see if another user has already claimed that purchase first, and don't honor it if it's a repeat. Replay attacks are a pretty classic ploy and easily defeated if the purchase is tied to a user login...