Best Practice: Login Session on iOS

Mark Wilcox m_p_wilcox at yahoo.co.uk
Thu Apr 11 07:17:38 EDT 2013


Yes, Apple do reserve the right to reject your app for any reason at all but they have some fairly clear rules about licensing and logins.

Here's my simplest explanation.

If you want to use Apple's app store as your primary discovery mechanism (hint, you really don't want to rely on this anyway) then you can't have any other payment or licensing system than theirs.

If you have your own payment or licensing system there cannot be any way for a new user to get to it from the app (including a general link to your website from which they may be able to browse to a purchase page).

If users sign up and pay for your app/service on your own channel (e.g. website) then you can use any payment/licensing system you like (although it'll obviously have to involve logging into your server) and have a login screen protecting the functionality of your app.  It's generally a good idea to provide the Apple review team with a test login, although I've seen app updates approved without one.

FWIW, Apple's system is far from secure - the biggest obvious hole being that for anyone not synching their device with iTunes, simply logging out, logging in with the Apple ID of someone who's paid for the app you want, downloading it and then logging back in as yourself gets you a free copy to keep forever (need to do the whole silly dance again to download updates of course).

Mark


________________________________
 From: Gerry Orkin <gerry.orkin at gmail.com>
To: How to use LiveCode <use-livecode at lists.runrev.com> 
Sent: Thursday, 11 April 2013, 7:35
Subject: Re: Best Practice: Login Session on iOS
 
Er I don't think that is right. Many many apps and services require login on iOS...

Gerry


On 11/04/2013, at 2:20 PM, J. Landman Gay <jacque at hyperactivesw.com> wrote:

> You can't have a licensing or registration system of your own, you must rely on Apple to verify that your users have the right to run your app. Apple's method is pretty secure and you can usually trust that anyone who launches your app has also obtained it legally from the App Store.

_______________________________________________
use-livecode mailing list
use-livecode at lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode


More information about the use-livecode mailing list