1 page.title=In-app Billing Overview 2 parent.title=In-app Billing 3 parent.link=index.html 4 @jd:body 5 6 <div id="qv-wrapper"> 7 <div id="qv"> 8 <h2>In this document</h2> 9 <ol> 10 <li><a href="#billing-types">Product and Purchase Types</a></li> 11 <li><a href="#billing-arch">In-app Billing Architecture</a></li> 12 <li><a href="#billing-msgs">In-app Billing Messages</a></li> 13 <ol> 14 <li><a href="#billing-request">Request messages</a></li> 15 <li><a href="#billing-response">Broadcast intents</a></li> 16 <li><a href="#billing-message-sequence">Messaging sequence</a></li> 17 <li><a href="#billing-action-notify">Handling IN_APP_NOTIFY messages</a></li> 18 </ol> 19 <li><a href="#billing-security">Security Controls</a></li> 20 <li><a href="#billing-limitations">Requirements and Limitations</a></li> 21 </ol> 22 <h2>Downloads</h2> 23 <ol> 24 <li><a href="{@docRoot}guide/google/play/billing/billing_integrate.html#billing-download">Sample 25 Application</a></li> 26 </ol> 27 <h2>See also</h2> 28 <ol> 29 <li><a href="{@docRoot}guide/google/play/billing/billing_integrate.html">Implementing In-app 30 Billing</a></li> 31 <li><a href="{@docRoot}guide/google/play/billing/billing_best_practices.html">Security and 32 Design</a></li> 33 <li><a href="{@docRoot}guide/google/play/billing/billing_testing.html">Testing In-app Billing</a></li> 34 <li><a href="{@docRoot}guide/google/play/billing/billing_admin.html">Administering In-app 35 Billing</a></li> 36 <li><a href="{@docRoot}guide/google/play/billing/billing_reference.html">In-app Billing 37 Reference</a></li> 38 </ol> 39 </div> 40 </div> 41 42 <p>In-app Billing is a Google Play service that provides checkout processing for 43 in-app purchases. To use the service, your application sends a billing request for a specific in-app 44 product. The service then handles all of the checkout details for the transaction, including 45 requesting and validating the form of payment and processing the financial transaction. When the 46 checkout process is complete, the service sends your application the purchase details, such as the 47 order number, the order date and time, and the price paid. At no point does your application have to 48 handle any financial transactions; that role is provided by Google Play's in-app billing 49 service.</p> 50 51 <h2 id="billing-types">Product and Purchase Types</h2> 52 53 <p>In-app Billing supports different product types and purchase types to give you flexibility in how you monetize your app. In all cases, you define your products using the Google Play Developer Console, including product type, purchase type, SKU, price, description, and so on. For more information, see <a href="billing_admin.html">Administering In-app Billing</a>.</p> 54 55 <h3 id="producttypes">Product Types</h3> 56 57 <p>With In-app Billing, you can sell two types of products — <em>in-app products</em> and <em>subscriptions</em>. The billing characteristics of the two types are very different, but the In-app Billing API lets you handle the two product types in your app using the same communication model, data structures, and user interactions, as described later in this document.</p> 58 59 <ul> 60 <li><em>In-app products</em> — Items that a user would purchase one-at-a-time. For example, typical in-app products would let users purchase digital content, unlock functionality in an app, pay for one-time charges, or add almost anything to the application experience. Unlike with priced applications, once the user has purchased an in-app product there is no refund window. Users desiring refunds must contact the developer directly. 61 62 <p>In-app products can be sold using either the "managed per user account" or "unmanaged" purchase type. In-app products are always explicitly associated with one and only one app. That is, one app cannot purchase an in-app product published for another app, even if they are from the same developer. In-app products are supported in all versions of In-app Billing.</p></li> 63 64 <li><em>Subscriptions</em> — Items that are sold with a developer-specified, recurring billing interval. When a user purchases a subscription, Google Play and its payment processor automatically bill the user's account at the specified interval and price, charging the amount to the original payment method. Once the user purchases a subscription, Google Play continues billing the account indefinitely, without requiring approval or action from the user. The user can cancel the subscription at any time. 65 66 <p>Subscriptions can only be sold using the "managed per user account" purchase type. As with in-app products, once the user has purchased an in-app product there is no refund window. Users desiring refunds must contact the developer directly. For more information about subscriptions and how to sell them in your apps, see the <a href="billing_subscriptions.html">Subscriptions</a> document.</p></li> 67 </ul> 68 69 <h3 id="purchasetypes">Purchase Types</h3> 70 71 <p>In-app Billing offers two purchase types that you can use when selling in-app products, "managed per user account" and "unmanaged". The purchase type controls how Google Play handles and tracks purchases for the products. </p> 72 73 <ul> 74 <li><em>Managed per user account</em> — Items that can be purchased only once per user account on Google Play. When a user purchases an item that uses the "managed per user account" purchase type, Google Play permanently stores the transaction information for each item on a per-user basis. This enables you to later query Google Play to restore the state of the items a specific user has purchased. If a user attempts to purchase a managed item that has already been purchased, Google Play prevents the user from purchasing the item again and displays an "Item already purchased" error. 75 76 <p>The "managed per user account" purchase type is useful if you are selling items such as game levels or application features. These items are not transient and usually need to be restored whenever a user reinstalls your application, wipes the data on their device, or installs your application on a new device.</p> 77 78 <li><em>Unmanaged</em> — Items that do not have their transaction information stored on Google Play. This means that you cannot later query Google Play to retrieve transaction information for those items. For "unmanaged" purchases, you are responsible for managing the transaction information. Also, Google Play does not attempt to prevent the user from purchasing an item multiple times if it uses the "unmanaged" purchase type. It's up to you to control how many times an unmanaged item can be purchased.</p> 79 80 <p>The "unmanaged" purchase type is useful if you are selling consumable items, such as fuel or magic spells. These items are consumed within your application and are usually purchased multiple times.</p></li> 81 </ul> 82 83 <h2 id="billing-arch">In-app Billing Architecture</h2> 84 85 <p>Your app accesses the In-app Billing service using an API that is exposed by 86 the Google Play app installed on the device. The Google Play app then uses an 87 asynchronous message loop to convey billing requests and responses between your 88 application and the Google Play server. In practice, your application never 89 directly communicates with the Google Play server (see figure 1). Instead, your 90 application sends billing requests to the Google Play application over 91 interprocess communication (IPC) and receives purchase responses from the Google 92 Play application in the form of asynchronous broadcast intents. Your application 93 does not manage any network connections between itself and the Google Play 94 server or use any special APIs from the Android platform.</p> 95 96 <div class="figure" style="width:440px"> 97 <img src="{@docRoot}images/billing_arch.png" alt="" height="582" /> 98 <p class="img-caption"> 99 <strong>Figure 1.</strong> Your application sends and receives billing messages through the 100 Google Play application, which handles all communication with the Google Play server.</p> 101 </div> 102 103 <p>Some in-app billing implementations may also use a private remote server to deliver content or 104 validate transactions, but a remote server is not required to implement in-app billing. A remote 105 server can be useful if you are selling digital content that needs to be delivered to a user's 106 device, such as media files or photos. You might also use a remote server to store users' 107 transaction history or perform various in-app billing security tasks, such as signature 108 verification. Although you can handle all security-related tasks in your application, performing 109 those tasks on a remote server is recommended because it helps make your application less vulnerable 110 to security attacks.</p> 111 112 <p>A typical in-app billing implementation relies on three components:</p> 113 <ul> 114 <li>A {@link android.app.Service} (named <code>BillingService</code> in the sample application), 115 which processes purchase messages from the application and sends billing requests to the Google 116 Play in-app billing service.</li> 117 <li>A {@link android.content.BroadcastReceiver} (named <code>BillingReceiver</code> in the sample 118 application), which receives all asynchronous billing responses from the Google Play 119 application.</li> 120 <li>A security component (named <code>Security</code> in the sample application), which performs 121 security-related tasks, such as signature verification and nonce generation. For more information 122 about in-app billing security, see <a href="#billing-security">Security controls</a> later in this 123 document.</li> 124 </ul> 125 126 <p>You may also want to incorporate two other components to support in-app billing:</p> 127 <ul> 128 <li>A response {@link android.os.Handler} (named <code>ResponseHandler</code> in the sample 129 application), which provides application-specific processing of purchase notifications, errors, 130 and other status messages.</li> 131 <li>An observer (named <code>PurchaseObserver</code> in the sample application), which is 132 responsible for sending callbacks to your application so you can update your user interface with 133 purchase information and status.</li> 134 </ul> 135 136 <p>In addition to these components, your application must provide a way to store information about 137 users' purchases and some sort of user interface that lets users select items to purchase. You do 138 not need to provide a checkout user interface. When a user initiates an in-app purchase, the Google 139 Play application presents the checkout user interface to your user. When the user completes the 140 checkout process, your application resumes.</p> 141 142 <h2 id="billing-msgs">In-app Billing Messages</h2> 143 144 <p>When the user initiates a purchase, your application sends billing messages to Google Play's 145 in-app billing service (named <code>MarketBillingService</code>) using simple IPC method calls. The 146 Google Play application responds to all billing requests synchronously, providing your 147 application with status notifications and other information. The Google Play application also 148 responds to some billing requests asynchronously, providing your application with error messages and 149 detailed transaction information. The following section describes the basic request-response 150 messaging that takes place between your application and the Google Play application.</p> 151 152 <h3 id="billing-request">In-app billing requests</h3> 153 154 <p>Your application sends in-app billing requests by invoking a single IPC method 155 (<code>sendBillingRequest()</code>), which is exposed by the <code>MarketBillingService</code> 156 interface. This interface is defined in an <a 157 href="{@docRoot}guide/components/aidl.html">Android Interface Definition Language</a> file 158 (<code>IMarketBillingService.aidl</code>). You can <a 159 href="{@docRoot}guide/google/play/billing/billing_integrate.html#billing-download">download</a> this AIDL 160 file with the in-app billing sample application.</p> 161 162 <p>The <code>sendBillingRequest()</code> method has a single {@link android.os.Bundle} parameter. 163 The Bundle that you deliver must include several key-value pairs that specify various parameters for 164 the request, such as the type of billing request you are making, the item that is being purchased and 165 its type, and the application that is making the request. For more information about the Bundle keys 166 that are sent with a request, see <a 167 href="{@docRoot}guide/google/play/billing/billing_reference.html#billing-interface">In-app Billing 168 Service Interface</a>. 169 170 <p>One of the most important keys that every request Bundle must have is the 171 <code>BILLING_REQUEST</code> key. This key lets you specify the type of billing request you are 172 making. Google Play's in-app billing service supports the following five types of billing 173 requests:</p> 174 175 <ul> 176 <li><code>CHECK_BILLING_SUPPORTED</code> 177 <p>This request verifies that the Google Play application supports in-app billing. You 178 usually send this request when your application first starts up. This request is useful if you 179 want to enable or disable certain UI features that are relevant only to in-app billing.</p> 180 </li> 181 <li><code>REQUEST_PURCHASE</code> 182 <p>This request sends a purchase message to the Google Play application and is the foundation 183 of in-app billing. You send this request when a user indicates that he or she wants to purchase 184 an item in your application. Google Play then handles the financial transaction by displaying 185 the checkout user interface.</p> 186 </li> 187 <li><code>GET_PURCHASE_INFORMATION</code> 188 <p>This request retrieves the details of a purchase state change. A purchase changes state when 189 a requested purchase is billed successfully or when a user cancels a transaction during 190 checkout. It can also occur when a previous purchase is refunded. Google Play notifies your 191 application when a purchase changes state, so you only need to send this request when there is 192 transaction information to retrieve.</p> 193 </li> 194 <li><code>CONFIRM_NOTIFICATIONS</code> 195 <p>This request acknowledges that your application received the details of a purchase state 196 change. Google Play sends purchase state change notifications to your application until you 197 confirm that you received them.</p> 198 </li> 199 <li><code>RESTORE_TRANSACTIONS</code> 200 <p>This request retrieves a user's transaction status for <a 201 href="{@docRoot}guide/google/play/billing/billing_admin.html#billing-purchase-type">managed 202 purchases</a> and <a 203 href="{@docRoot}guide/google/play/billing/billing_admin.html#billing-purchase-type">subscriptions</a>. 204 You should send this request only when you need to retrieve a user's transaction 205 status, which is usually only when your application is reinstalled or installed for the first 206 time on a device.</p> 207 </li> 208 </ul> 209 210 <h3 id="billing-response">In-app Billing Responses</h3> 211 212 <p>The Google Play application responds to in-app billing requests with both synchronous and 213 asynchronous responses. The synchronous response is a {@link android.os.Bundle} with the following 214 three keys:</p> 215 216 <ul> 217 <li><code>RESPONSE_CODE</code> 218 <p>This key provides status information and error information about a request.</p> 219 </li> 220 <li><code>PURCHASE_INTENT</code> 221 <p>This key provides a {@link android.app.PendingIntent}, which you use to launch the checkout 222 activity.</p> 223 </li> 224 <li><code>REQUEST_ID</code> 225 <p>This key provides you with a request identifier, which you can use to match asynchronous 226 responses with requests.</p> 227 </li> 228 </ul> 229 <p>Some of these keys are not relevant to every request. For more information, see <a 230 href="#billing-message-sequence">Messaging sequence</a> later in this document.</p> 231 232 <p>The asynchronous response messages are sent in the form of individual broadcast intents and 233 include the following:</p> 234 235 <ul> 236 <li><code>com.android.vending.billing.RESPONSE_CODE</code> 237 <p>This response contains a Google Play server response code, and is sent after you make an 238 in-app billing request. A server response code can indicate that a billing request was 239 successfully sent to Google Play or it can indicate that some error occurred during a billing 240 request. This response is <em>not</em> used to report any purchase state changes (such as refund 241 or purchase information). For more information about the response codes that are sent with this 242 response, see <a 243 href="{@docRoot}guide/google/play/billing/billing_reference.html#billing-codes">Server Response Codes 244 for In-app Billing</a>.</p> 245 </li> 246 <li><code>com.android.vending.billing.IN_APP_NOTIFY</code> 247 <p>This response indicates that a purchase has changed state, which means a purchase succeeded, 248 was canceled, or was refunded. This response contains one or more notification IDs. Each 249 notification ID corresponds to a specific server-side message, and each messages contains 250 information about one or more transactions. After your application receives an 251 <code>IN_APP_NOTIFY</code> broadcast intent, you send a <code>GET_PURCHASE_INFORMATION</code> 252 request with the notification IDs to retrieve message details.</p> 253 </li> 254 <li><code>com.android.vending.billing.PURCHASE_STATE_CHANGED</code> 255 <p>This response contains detailed information about one or more transactions. The transaction 256 information is contained in a JSON string. The JSON string is signed and the signature is sent 257 to your application along with the JSON string (unencrypted). To help ensure the security of 258 your in-app billing messages, your application can verify the signature of this JSON string.</p> 259 </li> 260 </ul> 261 262 <p>The JSON string that is returned with the <code>PURCHASE_STATE_CHANGED</code> intent provides 263 your application with the details of one or more billing transactions. An example of this JSON 264 string for a subscription item is shown below:</p> 265 <pre class="no-pretty-print" style="color:black">{ "nonce" : 1836535032137741465, 266 "orders" : 267 [{ "notificationId" : "android.test.purchased", 268 "orderId" : "transactionId.android.test.purchased", 269 "packageName" : "com.example.dungeons", 270 "productId" : "android.test.purchased", 271 "developerPayload" : "bGoa+V7g/yqDXvKRqq+JTFn4uQZbPiQJo4pf9RzJ", 272 "purchaseTime" : 1290114783411, 273 "purchaseState" : 0, 274 "purchaseToken" : "rojeslcdyyiapnqcynkjyyjh" }] 275 } 276 </pre> 277 278 <p>For more information about the fields in this JSON string, see <a 279 href="{@docRoot}guide/google/play/billing/billing_reference.html#billing-intents">In-app Billing 280 Broadcast Intents</a>.</p> 281 282 <h3 id="billing-message-sequence">Messaging sequence</h3> 283 284 <p>The messaging sequence for a typical purchase request is shown in figure 2. Request types for 285 each <code>sendBillingRequest()</code> method are shown in <strong>bold</strong>, broadcast intents 286 are shown in <em>italic</em>. For clarity, figure 2 does not show the <code>RESPONSE_CODE</code> 287 broadcast intents that are sent for every request.</p> 288 289 <p>The basic message sequence for an in-app purchase request is as follows:</p> 290 291 <ol> 292 <li>Your application sends a purchase request (<code>REQUEST_PURCHASE</code> type), specifying a 293 product ID and other parameters.</li> 294 <li>The Google Play application sends your application a Bundle with the following keys: 295 <code>RESPONSE_CODE</code>, <code>PURCHASE_INTENT</code>, and <code>REQUEST_ID</code>. The 296 <code>PURCHASE_INTENT</code> key provides a {@link android.app.PendingIntent}, which your 297 application uses to start the checkout UI for the given product ID.</li> 298 <li>Your application launches the pending intent, which launches the checkout UI. 299 <p class="note"><strong>Note:</strong> You must launch the pending intent from an activity 300 context and not an application context.</p> 301 </li> 302 <li>When the checkout flow finishes (that is, the user successfully purchases the item or cancels 303 the purchase), Google Play sends your application a notification message (an 304 <code>IN_APP_NOTIFY</code> broadcast intent). The notification message includes a notification ID, 305 which references the transaction.</li> 306 <li>Your application requests the transaction information by sending a 307 <code>GET_PURCHASE_STATE_CHANGED</code> request, specifying the notification ID for the 308 transaction.</li> 309 <li>The Google Play application sends a Bundle with a <code>RESPONSE_CODE</code> key and a 310 <code>REQUEST_ID</code> key. 311 <li>Google Play sends the transaction information to your application in a 312 <code>PURCHASE_STATE_CHANGED</code> broadcast intent.</li> 313 <li>Your application confirms that you received the transaction information for the given 314 notification ID by sending a confirmation message (<code>CONFIRM_NOTIFICATIONS</code> type), 315 specifying the notification ID for which you received transaction information.</li> 316 <li>The Google Play application sends your application a Bundle with a 317 <code>RESPONSE_CODE</code> key and a <code>REQUEST_ID</code> key.</li> 318 </ol> 319 320 <img src="{@docRoot}images/billing_request_purchase.png" height="231" id="figure2" /> 321 <p class="img-caption"> 322 <strong>Figure 2.</strong> Message sequence for a purchase request. 323 </p> 324 325 <p>Keep in mind, you must send a confirmation when you receive transaction information from Google 326 Play (step 8 in figure 2). If you don't send a confirmation message, Google Play will 327 continue sending <code>IN_APP_NOTIFY</code> messages for the transactions you have not 328 confirmed. As a best practice, you should not send a <code>CONFIRM_NOTIFICATIONS</code> request for 329 a purchased item until you have delivered the item to the user. This way, if your application 330 crashes or something else prevents your application from delivering the product, your application 331 will still receive an <code>IN_APP_NOTIFY</code> broadcast intent from Google Play indicating 332 that you need to deliver the product. Also, as a best practice, your application must be able to 333 handle <code>IN_APP_NOTIFY</code> messages that contain multiple orders.</p> 334 335 <p>The messaging sequence for a restore transaction request is shown in figure 3. Request types for 336 each <code>sendBillingRequest()</code> method are shown in <strong>bold</strong>, broadcast intents 337 are shown in <em>italic</em>. For clarity, figure 3 does not show the <code>RESPONSE_CODE</code> 338 broadcast intents that are sent for every request.</p> 339 340 <div class="figure" style="width:490px"> 341 <img src="{@docRoot}images/billing_restore_transactions.png" alt="" height="168" /> 342 <p class="img-caption"> 343 <strong>Figure 3.</strong> Message sequence for a restore transactions request. 344 </p> 345 </div> 346 347 <p>The request triggers three responses. The first is a {@link android.os.Bundle} with a 348 <code>RESPONSE_CODE</code> key and a <code>REQUEST_ID</code> key. Next, the Google Play 349 application sends a <code>RESPONSE_CODE</code> broadcast intent, which provides status information 350 or error information about the request. As always, the <code>RESPONSE_CODE</code> message references 351 a specific request ID, so you can determine which request a <code>RESPONSE_CODE</code> message 352 pertains to.</p> 353 354 <p>The <code>RESTORE_TRANSACTIONS</code> request type also triggers a 355 <code>PURCHASE_STATE_CHANGED</code> broadcast intent, which contains the same type of transaction 356 information that is sent during a purchase request. Unlike with a purchase request, however, the transactions 357 are given without any associated notification IDs, so you do not need to respond to this 358 intent with a <code>CONFIRM_NOTIFICATIONS</code> message. </p> 359 360 <p class="note"><strong>Note:</strong> You should use the <code>RESTORE_TRANSACTIONS</code> request 361 type only when your application is installed for the first time on a device or when your 362 application has been removed from a device and reinstalled.</p> 363 364 <p>The messaging sequence for checking whether in-app billing is supported is shown in figure 4. The 365 request type for the <code>sendBillingRequest()</code> method is shown in <strong>bold</strong>.</p> 366 367 <div class="figure" style="width:454px"> 368 <img src="{@docRoot}images/billing_check_supported.png" alt="" height="168" /> 369 <p class="img-caption"> 370 <strong>Figure 4.</strong> Message sequence for checking whether in-app billing is supported. 371 </p> 372 </div> 373 374 <p>The synchronous response for a <code>CHECK_BILLING_SUPPORTED</code> request provides a Bundle 375 with a server response code. A <code>RESULT_OK</code> response code indicates that in-app billing 376 is supported; a <code>RESULT_BILLING_UNAVAILABLE</code> response code indicates that in-app billing 377 is unavailable because the API version you specified is unrecognized or the user is not eligible to 378 make in-app purchases (for example, the user resides in a country that does not allow in-app 379 billing). A <code>SERVER_ERROR</code> can also be returned, indicating that there was a problem with 380 the Google Play server.</p> 381 382 <h3 id="billing-action-notify">Handling IN_APP_NOTIFY messages</h3> 383 384 <p>Usually, your application receives an <code>IN_APP_NOTIFY</code> broadcast intent from Google 385 Play in response to a <code>REQUEST_PURCHASE</code> message (see figure 2). The 386 <code>IN_APP_NOTIFY</code> broadcast intent informs your application that the state of a requested 387 purchase has changed. To retrieve the details of that purchase, your application sends a 388 <code>GET_PURCHASE_INFORMATION</code> request. Google Play responds with a 389 <code>PURCHASE_STATE_CHANGED</code> broadcast intent, which contains the details of the purchase 390 state change. Your application then sends a <code>CONFIRM_NOTIFICATIONS</code> message, informing 391 Google Play that you have received the purchase state change information.</p> 392 393 <p>In some special cases, you may receive multiple <code>IN_APP_NOTIFY</code> messages even though 394 you have confirmed receipt of the purchase information, or you may receive 395 <code>IN_APP_NOTIFY</code> messages for a purchase change even though you never initiated the 396 purchase. Your application must handle both of these special cases.</p> 397 398 <h4>Handling multiple IN_APP_NOTIFY messages</h4> 399 400 <p>When Google Play receives a <code>CONFIRM_NOTIFICATIONS</code> message for a given 401 <code>PURCHASE_STATE_CHANGED</code> message, it usually stops sending <code>IN_APP_NOTIFY</code> 402 intents for that <code>PURCHASE_STATE_CHANGED</code> message. Sometimes, however, Google 403 Play may send repeated <code>IN_APP_NOTIFY</code> intents for a 404 <code>PURCHASE_STATE_CHANGED</code> message even though your application has sent a 405 <code>CONFIRM_NOTIFICATIONS</code> message. This can occur if a device loses network connectivity 406 while you are sending the <code>CONFIRM_NOTIFICATIONS</code> message. In this case, Google Play 407 might not receive your <code>CONFIRM_NOTIFICATIONS</code> message and it could send multiple 408 <code>IN_APP_NOTIFY</code> messages until it receives acknowledgement that you received the 409 transaction message. Therefore, your application must be able to recognize that the subsequent 410 <code>IN_APP_NOTIFY</code> messages are for a previously processed transaction. You can do this by 411 checking the <code>orderID</code> that's contained in the JSON string because every transaction has 412 a unique <code>orderId</code>.</p> 413 414 <h4>Handling refunds and other unsolicited IN_APP_NOTIFY messages</h4> 415 416 <p>There are two cases where your application may receive <code>IN_APP_NOTIFY</code> broadcast 417 intents even though your application has not sent a <code>REQUEST_PURCHASE</code> message. Figure 5 418 shows the messaging sequence for both of these cases. Request types for each 419 <code>sendBillingRequest()</code> method are shown in <strong>bold</strong>, broadcast intents are 420 shown in <em>italic</em>. For clarity, figure 5 does not show the <code>RESPONSE_CODE</code> 421 broadcast intents that are sent for every request.</p> 422 423 <div class="figure" style="width:481px"> 424 <img src="{@docRoot}images/billing_refund.png" alt="" height="189" /> 425 <p class="img-caption"> 426 <strong>Figure 5.</strong> Message sequence for refunds and other unsolicited 427 IN_APP_NOTIFY messages.</p> 428 </div> 429 430 <p>In the first case, your application may receive an <code>IN_APP_NOTIFY</code> broadcast intent 431 when a user has your application installed on two (or more) devices and the user makes an in-app 432 purchase from one of the devices. In this case, Google Play sends an <code>IN_APP_NOTIFY</code> 433 message to the second device, informing the application that there is a purchase state change. Your 434 application can handle this message the same way it handles the response from an 435 application-initiated <code>REQUEST_PURCHASE</code> message, so that ultimately your application 436 receives a <code>PURCHASE_STATE_CHANGED</code> broadcast intent message that includes information 437 about the item that has been purchased. This applies only to items that have their <a 438 href="{@docRoot}guide/google/play/billing/billing_admin.html#billing-purchase-type">purchase type</a> set 439 to "managed per user account."</p> 440 441 <p>In the second case, your application can receive an <code>IN_APP_NOTIFY</code> broadcast intent 442 when Google Play receives a refund notification from Google Wallet. In this case, Google 443 Play sends an <code>IN_APP_NOTIFY</code> message to your application. Your application can handle 444 this message the same way it handles responses from an application-initiated 445 <code>REQUEST_PURCHASE</code> message so that ultimately your application receives a 446 <code>PURCHASE_STATE_CHANGED</code> message that includes information about the item that has been 447 refunded. The refund information is included in the JSON string that accompanies the 448 <code>PURCHASE_STATE_CHANGED</code> broadcast intent. Also, the <code>purchaseState</code> field in 449 the JSON string is set to 2.</p> 450 451 <p class="caution"><strong>Important:</strong> You cannot use the Google Wallet API to 452 issue refunds or cancel in-app billing transactions. You must do this manually through your 453 Google Wallet merchant account. However, you can use the Google Wallet API to retrieve order 454 information.</p> 455 456 <h2 id="billing-security">Security Controls</h2> 457 458 <p>To help ensure the integrity of the transaction information that is sent to your application, 459 Google Play signs the JSON string that is contained in the <code>PURCHASE_STATE_CHANGED</code> 460 broadcast intent. Google Play uses the private key that is associated with your publisher account 461 to create this signature. The publisher site generates an RSA key pair for each publisher account. 462 You can find the public key portion of this key pair on your account's profile page. It is the same 463 public key that is used with Google Play licensing.</p> 464 465 <p>When Google Play signs a billing response, it includes the signed JSON string (unencrypted) 466 and the signature. When your application receives this signed response you can use the public key 467 portion of your RSA key pair to verify the signature. By performing signature verification you can 468 help detect responses that have been tampered with or that have been spoofed. You can perform this 469 signature verification step in your application; however, if your application connects to a secure 470 remote server then we recommend that you perform the signature verification on that server.</p> 471 472 <p>In-app billing also uses nonces (a random number used once) to help verify the integrity of the 473 purchase information that's returned from Google Play. Your application must generate a nonce and 474 send it with a <code>GET_PURCHASE_INFORMATION</code> request and a <code>RESTORE_TRANSACTIONS</code> 475 request. When Google Play receives the request, it adds the nonce to the JSON string that 476 contains the transaction information. The JSON string is then signed and returned to your 477 application. When your application receives the JSON string, you need to verify the nonce as well as 478 the signature of the JSON string.</p> 479 480 <p>For more information about best practices for security and design, see <a 481 href="{@docRoot}guide/google/play/billing/billing_best_practices.html">Security and Design</a>.</p> 482 483 <h2 id="billing-limitations">In-app Billing Requirements and Limitations</h2> 484 485 <p>Before you get started with in-app billing, be sure to review the following requirements and 486 limitations.</p> 487 488 <ul> 489 <li>In-app billing can be implemented only in applications that you publish through Google 490 Play.</li> 491 <li>You must have a Google Wallet Merchant account to use Google Play In-app Billing.</li> 492 <li>In-app billing requires version 2.3.4 (or higher) of the Android Market application. 493 To support subscriptions, version 3.5 or higher of the Google Play app is required. On devices 494 running Android 3.0, version 5.0.12 (or higher) of the MyApps application is required.</li> 495 <li>An application can use in-app billing only if the device is running Android 1.6 (API level 4) 496 or higher.</li> 497 <li>You can use in-app billing to sell only digital content. You cannot use in-app billing to sell 498 physical goods, personal services, or anything that requires physical delivery.</li> 499 <li>Google Play does not provide any form of content delivery. You are responsible for 500 delivering the digital content that you sell in your applications.</li> 501 <li>You cannot implement in-app billing on a device that never connects to the network. To 502 complete in-app purchase requests, a device must be able to access the Google Play server over 503 the network. </li> 504 </ul> 505 506 <p>For more information about in-app billing requirements, see <a 507 href="https://support.google.com/googleplay/android-developer/bin/answer.py?hl=en&answer=1153481">In-App 508 Billing Availability and Policies</a>.</p> 509
