Android In App Billing and storing Managed Purchases

Im looking at porting a popular WP7 game of mine to Android. What I would like to do is offer it as free, but after about 5开发者_JAVA技巧 minutes of play time the only option the downloader would have is an in app purchase to fully unlock the game. However, I see that the official Android SDK for IAB in the context of Managed Purchases has a "Restore_Transactions" available, but it doesn't say I can use this on each launch of the game. http://developer.android.com/guide/market/billing/billing_overview.html

So, the question is, how/where/what format do I store the fact that the user unlocked the game without calling "Restore_Transactions" on every game launch?

As the developer, you are responsible for restoring purchased transactions of the managed purchase type. The sample Dungeons application queries for managed user purchases on app start. I do not believe network access is required to query the market for in-app purchases, as it queries the internal market db for auth.

For more info, find this code in Dungeons.java

.....

/**
 * Reads the set of purchased items from the database in a background thread
 * and then adds those items to the set of owned items in the main UI
 * thread.
 */
private void doInitializeOwnedItems() {

.....

and fully read the following: http://developer.android.com/guide/market/billing/billing_admin.html

In your publisher page of your android market. you can set the in app purchase item to 'managed purchase'. This means the android market will keep a record that the user has bought this item.

Therefore if you query the android market on loadup it will return your "RESTORE_TRANSACTION" state and you know that the user has purchased this item.

As your asking how do you not do this:

You could store it in a database on the phone (easily hackable by a rooted phone).

You could store it encrypted in a database in multiple tables on the phone (less hackable, will be lost if the user uninstall's).

You could store a user reference on your phone with the database stored on a secure server of your own (something like the IMEI number concat'd with the install date and a SecureRandom().nextLong()).

or

As you said you don't want to do, you could store the original purchase then query the InApp billing service.

Quoted from the google doc:

If you have a remote server, we recommend that you store purchase information on your server instead of in a local database on a device

Further reading: InApp Security & Design