Forum ‹ PayVault ‹ Using PayVault with StoreKit/Google Play

[HVStudios]

Hello,

We are working on a mobile game and we are interested in using PayVault to securely store our users' in-game currency. The PayVault system seems great for this, but we were wondering if it is OK to use StoreKit for iOS or Google Play for Android in conjunction with this system.

Our plan would basically be something like this:
1) A user clicks an IAP item. We perform the IAP process through StoreKit/Google.
2) StoreKit/Google returns to us whether the purchase was successful.
3) We send a request to our PlayerIO server to validate the receipt from StoreKit/Google.
4) Upon validation of the receipt, we use the Credit() method to add some currency to the player's PayVault.

Does that seem possible? The PayVault documentation makes it sound like a PayVault provider may be necessary (of which Apple/Google are not listed), but the PayVault API makes it seem like you could use other providers and call Credit() to add the currency yourself. Thanks!

[Pawel Wozniak]

They are not listed but they are available and described in documentation (as far as i know) when you are a paid member

[Guillaume]

How will it be now with the new TOS from Yahoo ?
Are theses options available directly ?

If yes when ?
Thanks in advance !

[Henrik]

They will be available to everyone, we just need to clean up the documentation first.

[Guillaume]

What a good news !

Thanks !

[Guillaume]

Sorry to up this post but are they any news about the Google Play / iOS documentation ?

I'm planning to have my game available on YGC / Facebook / iOS / Android, but for iOS and Android there is no documentation for the moment for the Payvault integration. I can see the button to enable Payvault on theses platform, but the documentation don't mention them.

[robscherer123]

I have no clue why there is no link posted anywhere on the site, unless I am just overlooking it. The documentation exists though. I tried changing the URLs a while back because I needed the documentation for google wallet, and low and behold it existed!

Google Wallet: https://gamesnet.yahoo.com/documentation/services/payvault/provider/googlewallet
Google Play: https://gamesnet.yahoo.com/documentation/services/payvault/provider/googleplay
iOS: https://gamesnet.yahoo.com/documentation/services/payvault/provider/iOS


They really should put a link to these somewhere though, as no one has any way of finding these documentations right now.

[Guillaume]

Amazing ! Thanks Robscherer !

I will copy theses page locally just in case :p !
Strange that they forgot to put the link...

Thanks again !

[Guillaume]

InApp Billing V2 will be not supported anymore begining of January 27, 2015.

https://support.google.com/googleplay/a ... 90268?rd=1

The YGN guide mention about setting your product unmanageds, but from the Google Play documentation, the V3 Billing support does not include Unmanaged product, as far i can see !

All the products must be managed now !
It's somehow problematic if you have an already published app, because you can't modify an inapp product type on Google Play.

You may try to create a new one, but YGN rely on a very strict naming convention for the moment (Like coins500, itemcar etc.), and so it's impossible to delete and recreate the exactly same item, you must delete and recreate your whole App on Google Play...

It may not be problematic for item (you can easily change product names inside the game too) but for the coin you just can't sell the exact amount like before...

[jasonredhawk]

any news on Google Play In-App Billing Version 3 for PayVault?

[Guillaume]

From my own experience, follow the YGN tutorial, but you must create you IAP's as Managed.

What is different on Google Play ? I think that you must do specific code to "Consume" the product, because with In-App Billing V3, a paid object will automatically be added in the user History. Of course, consume only if needed, like...Consumable products !

Personnaly i use "Unibiller" plugin for IAP, and it is already using the In-App Billing Version 3, so it's ok. Unibiller will automatically consume for you Consummable products if referenced in the Plugin as Consummable.

As usual, i keep the receipt of the transaction on Google Play and send it to YGN to validate the transaction and effect of the purchase, according to your implementation.

My game is not yet published, but from the Alpha Builds and test, everything is working fine on Google Play and YGN. So you don't have to worry !

[jasonredhawk]

Thanks! I've built a Flash AIR for Android game that has "managed" consumable items. I've got it all working using the milkmangames.com Native Extension for Flash AIR (called MmgAndroidIABANE). However I've got hackers who can simulate a successful purchase, and because I don't have server side verification, they pretty much get away with it. So I've been looking everywhere for examples of how to do server side verification in C# so that I can use it in YGN.

I just don't understand how that all works, so I find here on YGN a Google Play provider within PayVault and it does the server side verification process for me. Which is awesome, but at the very top of the page, it says it only uses Google Play In-App API v2, which won't work after Jan 27th 2015. So I think I'm back to square one.

How do I validate my purchaseToken or signature or however-that-works from Google Play to YGN server so I don't get hacked?

[Guillaume]

Don't forget that Hackers are not your regular users. Of course, try to protect your game enough, but Hacks would never had pay for the game anyway.

You can obfuscate your code, it can help you from script kiddies hacker, see this or this for some more information.

Btw, i think that you don't have to worry of what is said on YGN page. The minor difference is that in unmanaged mode, you have to validate the transaction receipt manually (i'm not even sur for that), and that Google server doesn't manage the bought product at all.

In IAP Billing V3, Google servers ALWAYS save the transaction and the product on their server. This is why consummable product have to be consummed...In V2 this notion was not here at all (For Unmanaged product i mean of course). And because Unmanaged product doesn't exist anymore in IAP Billing V3, you get the point.

What is the only IMPORTANT and REQUIRED thing for Payvault is...the receipt ! YGN can check with Google the validity of the transaction. I've made some test, and you don't have to worry, V2 and V3 Receipt are the same, or at least, Payvault see them as valid.

In the normal scenario of any Google Play purchase, your plugin must return you the receipt of the purchase. According to the plugin implementation, you will have 2 variables, a JSON string which is the inapp_signed_data and a signature string, which is inapp_signature OR you may have only one JSON string, embedding theses 2 informations. In this case juste split what is needed to have theses 2 informations.

For an optimal security, my advice is to validate the purchase in your game on the client side only if:

1. Purchase is mode on Google Play
2. At OnSuccess event of your purchase plugin, validate on Payvault the receipt
3. That Payvault callback say it's ok !

Then you may give the purchased object to the player.

Here a commented code i have made for you, in C#, that explain how you may implement the workflow. Of course, you have to adapt it to your ActionScript, but you will get the point:

Code: Select all

public void SendReceiptToPayVault(ReceiptDeserialize currentReceipt)
{
   try
   {
      //Assume client is a reference to an already connected Client.
      //Pass signed data and signature to useBuyInfo
      Dictionary<string, string> info = new Dictionary<string, string>(2);

      info.Add("inapp_signed_data", currentReceipt.json);
      info.Add("inapp_signature", currentReceipt.signature);
      client.PayVault.UseBuyInfo("googleplayv2", info, delegate(Dictionary<string, string> result)
      {
         //Yeah ! If we are here, that mean that everything is OK for Payvault !
         Debug.Log("Receipt successfully sent !");
         
         //Warning ! YGNBiller does not exist in PlayerIO, it's just a bridge class I have made to avoid different code base in method like this one for Flash / Webplayer versions and Android / Ios
         //Since everything is ok (Google Play and Payvault) you can say to your game to give the desired bought product.
         //You can do that manually if you want. Here, GetCallbackById search for the given id and execute the success method for this Id.
         //This way, you have only ONE Payvault (for Android) Method, it's generic, only the content of GetCallbackById is specific. You may do something better than that !
         YGNBiller.GetCallbackById(currentReceipt.productId);
         
         //You can ignore this line. In my implementation, every Google Play or iOS purchase are stored in the save if for some strange reasons, they were never validated on Payvault.
         //Because the statut is unknown (Maybe internet is gone during the process), theses Purchases are queued, and will be validated at next startup, then removed from the save when verified.
         //This way, users can't complain that they have "lost" a purchase. Think of Atomicity in your Purchase Workflow. This is one strategy.
         //Has you see here, and because we are on the success method of Payvault, this line only remove the current "Unknown" queued purchase.
         unvalidatedReceipt.Remove(currentReceipt);
         
         //Updating the local save of the game with new products, if not done yet !
         Save();
      }, delegate(PlayerIOError error)
      {
         //If we are here, that mean that there was an error or that the receipt is invalid from Payvault server side verification
         //Nothing happen here. No "Success" popup or anything more for the player because the transaction doesn't have finished right. Game continue normally.
         Debug.Log("YGN responded with an error to the Receipt...");
      });
   }
   catch (PlayerIOError e)
   {
      Debug.Log("Fatal exception in ReceiptService");
      //Handle error as you wish
      //Nothing happen here. No "Success" popup or anything more for the player because the transaction doesn't have finished right or something bad happened in code.
      //Game continue normally. But if in this case, maybe something worse happened, maybe it's good to show an error popup ?
   }
}


Good luck ! I wish this will help you !

[Henrik]

Thanks Guillaume for digging into that, we can make PayVault work with Google Play v3 as long as there is a receipt that can be validated server-side, but that part is completely missing from their v3 documentation.

I don't know if they're gonna shut down that part when they shut down v2 completely, that's what's making us uncertain in knowing if we can support Google Play going forward. We'll try to get some answers and we hope to be able to make the Google Play support official.

[jasonredhawk]

Thank you so much Guillaume for that, I'll try to implement your code soon, I'll let you know how it turns out!

[Guillaume]

Thanks Guillaume for digging into that, we can make PayVault work with Google Play v3 as long as there is a receipt that can be validated server-side, but that part is completely missing from their v3 documentation.

I don't know if they're gonna shut down that part when they shut down v2 completely, that's what's making us uncertain in knowing if we can support Google Play going forward. We'll try to get some answers and we hope to be able to make the Google Play support official.

Hello Henrik,

According to the documentation here, in "Migration Considerations" we can read:

The In-app Billing Version 2 API is deprecated and will be discontinued in January 2015. If you have an existing In-app Billing implementation that uses API Version 2 or earlier, you must migrate to In-app Billing Version 3.

If you have published apps selling in-app products, note that:

- Managed items and subscriptions that you have previously defined in the Developer Console will work with Version 3 as before.

- Unmanaged items that you have defined for existing applications will be treated as managed products if you make a purchase request for these items using the Version 3 API. You do not need to create a new product entry in Developer Console for these items, and you can use the same product IDs to purchase these items. They will still continue to be treated as unmanaged items if you make a purchase request for them using the Version 2 or earlier API.

As you can see " Managed items and subscriptions that you have previously defined in the Developer Console will work with Version 3 as before." .

Also i have found in their documentation what you was searching. The only difference between V2 and V3 is that V3 doesn't have the "nonce" and "notificationId" field anymore.

See for V2 here on Table 9 and for V3 here on Table 3 and Table 4.

In my opinion, everything will work as before on V3 only.
Plus, as i said, my IAP Plugin (unibiller) ONLY use V3 since the begining.

Concerning Payvault validation, correct me if i'm wrong, but Payvault only:

- Check the Receipt validity, thanks to the Data Signature, Signature and our Google Play key.
- If validation algorythm say "OK", then historise the receipt and fire the required Vault update event.

This mean that you don't have any direct Google Play communication from Payvault. As far as the receipt validation system is the same on Google Play V3, wich seem to be the case, everything will go fine i guess ?

In the worst case, we will see at the end of the month...

[jasonredhawk]

In the C# example you've shown, it's assumed that I have a client reference to an already connected Client

client.PayVault.UseBuyInfo("googleplayv2", info, delegate(Dictionary<string, string> result)

However, my client reference is within Flash. The only C# code I touch for my Flash game is in the Game.cs, which seems to only handle Player object communication. There's no reference to the client connection.

Within Flash, I do see this:

client.payVault.usePaymentInfo(provider:String, providerArguments:Object, callback:Function, errorHandler:Function = null);

I'm not sure that's the same thing, but I'd still have the same issue with hackers if the trigger the callback function within Flash.

So how do I reference the client from within the Game.cs file provided initially by the SDK template? Hope that makes sense.

Again thank you for your continued help, I feel I'm so close to solving this!

Cheers,
Jason

[Guillaume]

You can't have 100% security. And as i said before, not everyone is a hacker, and i think that you must focus on your real players.

But otherwise:

Verifying that the purchase is valid on Payvault is the first step. From my point of view it's the minimum security that your game must have.

Hacker may call the Success function yes, but it's harder for them. If i see this from a C# point of view, the function is internally private and anonymous, so it's a lot more difficult to find the method reference for hacking.

However what can i say ? In the worst case, the good solution would be to validate localy the receipt, in the same way it's validated on Payvault. This way, you may only change the desired variable within the function if your receipt validation is OK. But it can be harder to implement what is needed, because you need some component wich are maybe not present in your code namespace ? If you follow this path, here some minimal informations from Google Play.

But an important question is: How are your IAP implemented ? What is your scenario ? Is it commonly Non-Consummable product or Consummable ? Remember that real validated purchases are stored on Payvault, and so, you can retrieve the purchased elements by refreshing the client local Vault. This mean that for non-consummable product you can rely on Payvault.

In my game implementation:

- If no internet, i assume that everything is OK about IAP.
- If internet available, i do a double verification: Seeing if a Non-Consummable item is present on the Vault OR if it is present in the Google Play transactions. If both say "NO" and the content is actualy unlocked in the game, then i lock it again. I only do this for Non-Consummable items, because i have a distinct logic about Consummable content for the Web/Flash version and the Mobile Device version.

Concerning the Flash version implementation, i'm not an expert, and i'm sorry, i don't have any Flash project to test directly.
However YGN have a "TODO" Google Play page, wich may be incomplete for your need but here it is.

I can't validate but the only difference i may see from the example code of YGN is that "notificationId" don't exist anymore in V3, but verify by yourself a receipt if it's present or not. According to the V3 documentation it's not present.

If not present, everything will work, but i think the line 17 (in the example) will never be fired.
Long story short: Use client.payVault.useBuyInfo instead of client.payVault.usePaymentInfo

Talking about client object, this mean that you are connected to YGN/PlayerIO backend, not specially that you are connected to a Multiplayer/Server service. There is no problem to do this from Flash.

Here the official documentation for AS3.

As you can see in the doc for "Callback:*":

Code: Select all

Function executed on successful connect: function(client:Client):void{...}

So, when your game start:

1. Use PlayerIO.Authenticate
2. Reference the Client object returned in the success callback somewhere
3. Use the client object when you need to call the methods i said for Payvault etc.

Of course, you may only authenticate with PlayerIO, only when needed.

Little additionnal info, of course there is a little difference between the C# implementation and the AS3. C# was having an Error or Success delegate function to manage what to do. In the AS3, as i see, it seem that it's not the case, but however you directly have the method result in the "Result" HashMap. As written at the bottom of the screen:

Code: Select all

Repeating Result Values
<orderid>   The status of each order in the signed data. Contains the Product ID if everything went ok, otherwise a short error message.

So just check and do your success code in the function if everything is ok !

The final question for you is: How do you manage player identity constitency ? If any of course.
In my game, it's Google Play (Non Consummables IAP synchronization only) and the Facebook identity (Non Consummables IAP synchronization and the entire game progression/scores etc.). So in my case, Facebook it's the only way to retrieve your game save if uninstall your game, or install it elsewhere.

I wish that it's enough for you this time ? :3

[Guillaume]

BUMP !

Just to tell to jasonredhawk that if you find that you have missing methods for Flash, i found that there is a mistake in the Flash SDK provided by YGN.

The example game project is provided with two things:

- PlayerIOClient.swc
- A folder named playerio, wich contain some PlayerIO methods definition in AS3

It seem that theses source files are wrong or outdated and if they are in your project, they will hide the up to date implementation.
Be sure to:

- Import PlayerIOClient.swc in your project as a library (lib folder for me in FlashDevelop)
- Delete all PlayerIO AS3 source file you can find.

Then, FlashDevelop autocompletion should show you the "reality".

[jasonredhawk]

Thank you again Guillaume, I've been going over what you've said in the last post before this one. I really appreciate your patience and effort.

Though I understand what you are saying in your C# code for json and signature, and using UseBuyInfo(), I don't have access to a client reference in C#. The client reference is in Flash. So I thought, perhaps I could do another client reference in C#, in the Game.cs file, and do a QuickConnect using the username/password that I have in Flash. However, when I tried that, I couldn't get it to work, because I didn't have a reference to the PlayerIOClient.dll file. It was easy to find in the DotNet folder of the SDK I downloaded. Unfortunately, once I referenced it, there became an ambiguous error. I'm still trying to sort it out.

Anyway, at this point, I just downloaded the SDK again, I'm hoping the new SWC you mentioned will help.

This is what I'm going to try next, from within Flash:

Code: Select all

public function onPurchaseSuccess(e:AndroidBillingEvent = null):void
{   
   var providerArgs:Object = new Object();
   providerArgs.json = e.jsonData;
   providerArgs.signature = e.signature;

   // myClient is the client I received from my PlayerIO Connection.            
   myClient.payVault.usePaymentInfo("googleplayv2",providerArgs, function()
   {
      trace("\nAuthentication: SUCCESS ");
   },function(){
      trace("\nAuthentication: FAILED ");
   });
}



Not sure it'll work, but unless I can get a reference to the client from within C#, I'm not sure how I'm going to solve this.

Just to explain in a little more detail on what I'm trying to do specifically.

In my game, there's a section where I display potential upgrades that I'd like to add to my game. Imagine a kickstarter or indiegogo, but within my game. Players can then vote on which upgrade (or unit) that they'd like to see me build next. Players must purchase votes, which are consumed once applied to one of the potential upgrades. So at the end of every month, whatever upgrade has the most votes, that's what I build!

Problem is that hackers are messing up all my voting system. See, it's an accumulation of all the players' votes that decides the winning upgrade. So when a hacker comes in a adds 2000 votes, when usually it's 5 votes, I have to go into the database and fix it manually, which is a pain.

Now I use milkmangames.com IAP ANE, which works great and is easy to use. However, there's no server side purchase authentication. After looking all over the internet for some code I could use, I found UseBuyInfo offered right here, which was a relief, but I still can't figure it out in C# (as mentioned above). I'm still processing what you wrote in your last post.

I will definitely follow up on this post once I get it working. I thank you for your help!

Cheers,
Jason

[Guillaume]

You are right, I have seen that UseBuyInfo is missing from AS3 implementation.
In the worst case, if usePaymentInfo don't work as expected, you have the ServerSide solution:

- Connect your player to a Room.
- On the Player Client object, go to PayVault and then validate by UseBuyInfo from the server with the receipt !

EDIT: On the player Client Object in the server code of course, not the client.

[jasonredhawk]

Oh my, that might do the trick. In my Game.cs file, I have a reference to player object. I didn't know I could access the PayVault from player.

I'll be testing this, I'll let you know if it works!

Code: Select all

                       Dictionary<string, string> info = new Dictionary<string, string>(2);

                        info.Add("inapp_signed_data", message.GetString(0));
                        info.Add("inapp_signature", message.GetString(1));

                        player.PayVault.UseBuyInfo("googleplayv2", info, delegate(Dictionary<string, string> result)
                        {
                            // Success authentication
                        }, delegate(PlayerIOError error)
                        {
                            // Failed authentication
                        });



This might be exactly what I've been looking for!

J

[Guillaume]

Cool !

Wait & See so 8)

[Henrik]

jasonredhawk,

What language is your game written in? Actionscript or C#?

Regardless of which language you use, the general idea of the PayVault integration is that you use some sort of library or native code for the mobile device to get the transactionreceipt (iOS) or the inapp_signed_data (Google Play), and then use the PayVault method to send that to the YGN backend, so that we can validate the purchase, which in turn requires you to have setup PayVault correctly, and your items for sale correctly.

You might be able to do that validation yourself in the multiplayer server, which gives you a bit more flexibility with regards to how you validate purchases, but the flow is going to be roughly the same.

[jasonredhawk]

Thanks Henrik for the reply! I think I might have a solution that'll work in my multiplayer game.

In Flash, I use the Milkmangames IAP ANE to make a Google Play purchase. Here's what I now have in Flash on a "supposedly" successful IAP:

Flash AS3 Code:

Code: Select all

public function onPurchaseSuccess(e:AndroidBillingEvent):void
{   
   playerioConnection.send("verifyAndroidReceipt", e.jsonData, e.signature);
}


However, for the Flash code above to work, I had to do a temporary client.multiplayer.createJoinRoom() call for just that player. Basically a room with only that player in it. Once that player is in the room, I then have a reference to the playerioConnection, which I can then send data to the Game.cs file.

Now, here's what I have in my Game.cs file (C#)

Code: Select all

// This method is called when a player sends a message into the server code
public override void GotMessage(Player player, Message message) {
   switch(message.Type) {
                case "verifyAndroidReceipt":
                    {
                        Dictionary<string, string> info = new Dictionary<string, string>(2);

                        info.Add("inapp_signed_data", message.GetString(0));
                        info.Add("inapp_signature", message.GetString(1));

                        player.PayVault.UseBuyInfo("googleplayv2", info, delegate(Dictionary<string, string> result)
                        {
                            // Successful authentication
                            Broadcast("verifyAndroidReceipt", player.Id, 1); // Letting my game know that it was successfull verified
                            player.GetPlayerObject(delegate(DatabaseObject o)
                            {
                                // Update the player's DatabaseObject here in C#, so it can't be hacked
                                player.PlayerObject.Set("hasFullVersion", true);
                                player.PlayerObject.Save();
                            });
                        }, delegate(PlayerIOError error)
                        {
                            // Failed authentication
                            Broadcast("verifyAndroidReceipt", player.Id, 0); // Letting my game know that it was NOT verified
                        });
                        break;
                    }
               }
}


Now, the above has not been fully tested, but I have high hopes that it'll be exactly what I need!

I'll keep you guys posted on my final result.

Cheers,
Jason

[Guillaume]

Good to hear you have found your strategy !
In my own project, i removed ALL rights on BigDB from client, and i only do BigDB change from server, like a REST service.

[Henrik]

Hey Jason,

I think that looks like overkill, you should be able to just use the usePaymentInfo method in the AS3 library to do the exact same thing. It's just as secure as your solution where you do it serverside, because we take the payment information you get from Google Play, and verify them against Google Play on the serverside, using your secrets that you have entered in the Payvault setup. There's no way hackers can forge the payment data. (And if they could, your solution offers no extra protection either. )

If you decide to stick with the serverside solution, consider using a service-room for your players, that way you don't create one room per player, but instead get access to a load-balanced minimal amount of rooms, which makes everything work nicer.

[Guillaume]

Hello Henrik !

Maybe a stupid question, but why the method used to validate GooglePlay payment doesn't have the same name on the C# library and the AS3 library ?

[USELESS SEE EDIT]
Also, a more interesing question:

Actually i use ServerSide a lot to do some important stuff for my game and then return the data to the client. I'm using one random room at each server call needed. But it's maybe wrong for good performance, as you said.

I would be tempted to create one common room for all the player, it would not affect anything in term of security but how do i do if the room is full ? I remember that only 48 players / concurrent connections are allowed in one room, so how do you manage to automatically redirect all the players to an other room if full...And wich way to be able to group them in this new room ?
[/USELESS SEE EDIT]

Thanks in advance !

EDIT: Nevermind, i was not aware about this "service room" thing, i found the info in this thread . Very cool !

[Henrik]

The method has a different name in the Actionscript library because we haven't officially released it, and therefore it slipped out without anyone checking and enforcing the naming standard. We'll fix it at a later point in time.

I'm glad you found the service rooms, they're pretty useful if you just want a bunch of processing server-side and no cross-player communication.

[Guillaume]

Sorry Henrik, again, another question but it seem very important to me:

How do you manage to have SSL security activated from the AS3 implementation ?
I know that i can do it in the C# implementation, used for my mobile games.

But as i see here, i can't enable SSL from AS3 version. I looked Network Packet in Chrome and all my requests are in HTTP, not HTTPS.
Btw, if i call the request URL (even if it will not working) in the browser, HTTP and HTTPS version give responses.

Is it any way to achieve force SSL from Flash version ?
Thanks again.

(And sorry, i'm maybe a little off topic)

EDIT: I have found something for this in the class HTTPChannel in AS3, but i doesn't have figured where to set this yet.