Google Play warning: Your app is using an incorrect implementation of in-app billing
DigiChain
Member, PRO Posts: 1,288
@ForumNinja @BlackCloakGS
I've just received this warning from Google for one of my games (which was published over a year ago now).
Is this a new requirement which is likely to be flagged in all our published apps?
Here's the email received:
Hello Google Play Developer,
We detected that your app(s) listed at the end of this email are invoking the in-app billing service without setting a target package for the intent. This can enable a malicious package to bypass the Play store billing system and access items that have not been purchased.
Next Steps
If you are using IabHelper, please start using the latest SDK.
If you are manually invoking the in-app billing service, make sure you are calling Intent.setPackage(“com.android.vending”) on any intents to "com.android.vending.billing.InAppBillingService.BIND".
Sign in to your Developer Console and submit the updated version of your app.
Check back after five hours - we’ll show a warning message if the app hasn’t been updated correctly.
We’re here to help
If you have other technical questions about the vulnerability, you can post to Stack Overflow and use the tag “android-security.” For clarification on steps you need to take to resolve this issue, you can contact our developer support team.
Regards,
The Google Play Team
Comments
me too....
dapion.de
[https://twitter.com/dapionde?]
This may help!
Update your Android SDK
republish it and see what happens.
I did the same 2 months ago and I got no warnings so far
My Apps
https://itunes.apple.com/de/artist/david-zobrist/id733552276
https://play.google.com/store/apps/developer?id=David+Zobrist&hl=de
@BigDave - yeah hopefully an update will sort it.
I have older games on the store which haven't received warnings yet though... so waiting to see if I receive anymore before I start updating.