Do I need to protect my desktop app if distributed over AppStore?

StackOverflow https://stackoverflow.com/questions/23238924

Question

I have made a simple desktop app that I want to sell through the AppStore. Of course I want to be protected against piracy. Does AppStore give any protection? How does that process work?

For instance, what prevents a dishonest person from buying my app and then upload it on a torrent and share it with others. If these other people download my app, will they automatically be asked for their identity check (Apple ID and password), the first time they try to use my app, thus preventing them from using it if they have not bought it legally.

If this identity check does not happen automatically, then do I need to add some code in my app that will ask for the identity check. If so, where can I find info about how to do that?

I'm not entirely sure how this process works. Could somebody shed some light on it?

Was it helpful?

Solution

Mac App Store slips a receipt each time it is downloaded into the bundle. The receipt contains information about the computer used (the so called GUID) and the user logged into the App Store.

See here how you should validate the receipt: https://developer.apple.com/library/mac/releasenotes/General/ValidateAppStoreReceipt/Introduction.html#//apple_ref/doc/uid/TP40010573

If you implement the GUID validation as described in the document, the app will not run on any other computer.

Also check the signature of your code to make sure it has not been tampered: Verifying app's signature by code

OTHER TIPS

Your application, when downloaded from the App Store, contains a receipt. The receipt contains proof that it was downloaded onto this computer from the App Store, and the ID of the application. There are instructions somewhere on Apple's website that tell you how to verify the receipt and what to do if the verification fails.

That said, you are much better off concentrating on writing an app that people actually want to buy. People who pirate your app wouldn't hand over money if it couldn't be pirated. They would do without it, pick some free app, or pick a different app that they can pirate.

And I'm quite sure that any copy protection you build into your app yourself will get it rejected from the App Store.

Even though the answers I've got were helpful, they didn't quite provide the answer I needed. Looking around I found a software called Receigen from Laurent Etiemble, and the FAQ on his site (http://receigen.etiemble.com/faq.html) gave many answers for what I was looking for. For instance

What is an App Store receipt validation ? Why is it needed ? Basically, an App Store receipt is what an application must check to ensure that the copy is genuine and can be run.

What happens if I don't check the App Store receipt ? Well, anybody with a copy of your application can run it, with or without proper authorization.

Is the code receipt validation easy to write? No because it requires deep understanding of cryptography and secure coding techniques.

It didn't hurt either that Receigen generated code that freed me from dealing with receipt validation code. Receigen takes care of this part so I can focus on what is really important for me: my application.

Yes, it costs money but personally I am more than glad to pay it, because I find this part of the development tedious, boring and complex.

TPInAppReceipt is a great package for this.

I was able to easily add local receipt validation after trying many others solutions less successfully:

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top