1 page.title=In-app Billing Version 2 2 excludeFromSuggestions=true 3 @jd:body 4 5 <p class="caution" style= 6 "background-color:#fffdeb;width:100%;margin-bottom:1em;padding:.5em;"> 7 The <strong>In-app Billing Version 2 API</strong> has been deprecated in 8 favor of the Version 3 API. If your app is using In-app Billing, please 9 <strong>make sure that it is using the Version 3 API</strong>. If your app is 10 still using the Version 2 API, you must <strong>migrate to the Version 3 API 11 as soon as possible</strong>.<br> 12 <br> 13 We plan to turn off the In-app Billing Version 2 service on <strong>January 14 27, 2015</strong>, after which time users will <strong>no longer be able to 15 purchase in-app items and subscriptions through the Version 2 API</strong>. 16 We strongly encourage and recommend you migrate your apps to use Version 3 17 API by November 2014, to provide ample time for users to update their apps to 18 the new version.<br> 19 <br> 20 For more information, please see the <a href= 21 "http://support.google.com/googleplay/android-developer/answer/6090268">Help Center 22 article</a>. For common questions about transitioning your implementation to 23 In-app Billing Version 3, please see <a href= 24 "{@docRoot}google/play/billing/billing_overview.html#migration">Migration 25 Considerations</a>. 26 </p> 27 <div id="qv-wrapper" style="margin-top:0;"> 28 <div id="qv"> 29 30 <h2>In this document</h2> 31 <ol> 32 <li><a href="#billing-types">Product and Purchase Types</a></li> 33 <li><a href="#billing-arch">Service Architecture</a></li> 34 <li><a href="#billing-msgs">Service Messages</a></li> 35 <ol> 36 <li><a href="#billing-request">Request messages</a></li> 37 <li><a href="#billing-response">Broadcast intents</a></li> 38 <li><a href="#billing-message-sequence">Messaging sequence</a></li> 39 <li><a href="#billing-action-notify">Handling IN_APP_NOTIFY messages</a></li> 40 </ol> 41 <li><a href="#billing-security">Security Controls</a></li> 42 <li><a href="#billing-limitations">Requirements and Limitations</a></li> 43 </ol> 44 </div> 45 </div> 46 47 <p>In-app Billing version 2 is the legacy version of the Google Play In-app 48 Billing. Like Version 3, it lets you interact with the Google Play purchase flow 49 and payments system indirectly, by means of IPC communication with the Play 50 Store app installed on the device. </p> 51 52 <p>Unlike Version 3, the Version 2 API is 53 asynchronous and uses service messages sent as broadcast intents, so 54 it is more complicated than Version 3. </p> 55 56 <h2 id="billing-types">Product Types</h2> 57 58 <p>In-app Billing Version supports three different product types 59 to give you flexibility in how you monetize your app. In all cases, you define 60 your products using the Google Play Developer Console, including product type, 61 SKU, price, description, and so on. For more information, see <a 62 href="{@docRoot}google/play/billing/billing_admin.html">Administering In-app Billing</a>.</p> 63 64 <ul> 65 <li><em>Managed per user account</em> — Items that can be purchased only 66 once per user account on Google Play. When a user purchases an item that uses 67 the "managed per user account" product type, Google Play permanently stores the 68 transaction information for each item on a per-user basis. This enables you to 69 later query Google Play to restore the state of the items a specific user has 70 purchased. If a user attempts to purchase a managed item that has already been 71 purchased, Google Play prevents the user from purchasing the item again and 72 displays an "Item already purchased" error. 73 74 <p>The "managed" product type is useful if you are selling 75 items such as game levels or application features. These items are not transient 76 and usually need to be restored whenever a user reinstalls your application, 77 wipes the data on their device, or installs your application on a new 78 device.</p> 79 80 <li><em>Unmanaged</em> — Items that do not have their transaction 81 information stored on Google Play. This means that you cannot later query Google 82 Play to retrieve transaction information for those items. For "unmanaged" 83 purchases, you are responsible for managing the transaction information. Also, 84 Google Play does not attempt to prevent the user from purchasing an item 85 multiple times if it uses the "unmanaged" product type. It's up to you to 86 control how many times an unmanaged item can be purchased.</p> 87 88 <p>The "unmanaged" product type is useful if you are selling consumable items, 89 such as fuel or magic spells. These items are consumed within your application 90 and are usually purchased multiple times.</p></li> 91 92 <li><em>Subscriptions</em> — Items that are sold with a 93 developer-specified, recurring billing interval. When a user purchases a 94 subscription, Google Play and its payment processor automatically bill the 95 user's account at the specified interval and price, charging the amount to the 96 original payment method. Once the user purchases a subscription, Google Play 97 continues billing the account indefinitely, without requiring approval or action 98 from the user. The user can cancel the subscription at any time. 99 100 <p>Subscriptions can only be sold using the "managed per user account" purchase 101 type. As with in-app products, once the user has purchased an in-app product 102 there is no refund window. Users desiring refunds must contact the developer 103 directly. For more information about subscriptions and how to sell them in your 104 apps, see the <a href="{@docRoot}google/play/billing/v2/billing_subscriptions.html">Subscriptions</a> 105 document.</p></li> 106 </ul> 107 108 <h2 id="billing-arch">Service Architecture</h2> 109 110 <p>Your app accesses the In-app Billing service using an API that is exposed by 111 the Google Play app installed on the device. The Google Play app then uses an 112 asynchronous message loop to convey billing requests and responses between your 113 application and the Google Play server. In practice, your application never 114 directly communicates with the Google Play server (see figure 1). Instead, your 115 application sends billing requests to the Google Play application over 116 interprocess communication (IPC) and receives purchase responses from the Google 117 Play application in the form of asynchronous broadcast intents. Your application 118 does not manage any network connections between itself and the Google Play 119 server or use any special APIs from the Android platform.</p> 120 121 <div class="figure" style="width:440px"> 122 <img src="/images/billing_arch.png" alt="" height="582" /> 123 <p class="img-caption"> 124 <strong>Figure 1.</strong> Your application sends and receives billing messages through the 125 Google Play application, which handles all communication with the Google Play server.</p> 126 </div> 127 128 <p>Some in-app billing implementations may also use a private remote server to deliver content or 129 validate transactions, but a remote server is not required to implement in-app billing. A remote 130 server can be useful if you are selling digital content that needs to be delivered to a user's 131 device, such as media files or photos. You might also use a remote server to store users' 132 transaction history or perform various in-app billing security tasks, such as signature 133 verification. Although you can handle all security-related tasks in your application, performing 134 those tasks on a remote server is recommended because it helps make your application less vulnerable 135 to security attacks.</p> 136 137 <p>A typical in-app billing implementation relies on three components:</p> 138 <ul> 139 <li>A {@link android.app.Service Service} (named <code>BillingService</code> in the sample application), 140 which processes purchase messages from the application and sends billing requests to the Google 141 Play in-app billing service.</li> 142 <li>A {@link android.content.BroadcastReceiver BroadcastReceiver} (named <code>BillingReceiver</code> in the sample 143 application), which receives all asynchronous billing responses from the Google Play 144 application.</li> 145 <li>A security component (named <code>Security</code> in the sample application), which performs 146 security-related tasks, such as signature verification and nonce generation. For more information 147 about in-app billing security, see <a href="#billing-security">Security controls</a> later in this 148 document.</li> 149 </ul> 150 151 <p>You may also want to incorporate two other components to support in-app billing:</p> 152 <ul> 153 <li>A response {@link android.os.Handler Handler} (named <code>ResponseHandler</code> in the sample 154 application), which provides application-specific processing of purchase notifications, errors, 155 and other status messages.</li> 156 <li>An observer (named <code>PurchaseObserver</code> in the sample application), which is 157 responsible for sending callbacks to your application so you can update your user interface with 158 purchase information and status.</li> 159 </ul> 160 161 <p>In addition to these components, your application must provide a way to store information about 162 users' purchases and some sort of user interface that lets users select items to purchase. You do 163 not need to provide a checkout user interface. When a user initiates an in-app purchase, the Google 164 Play application presents the checkout user interface to your user. When the user completes the 165 checkout process, your application resumes.</p> 166 167 <h2 id="billing-msgs">In-app Billing Messages</h2> 168 169 <p>When the user initiates a purchase, your application sends billing messages to Google Play's 170 in-app billing service (named <code>MarketBillingService</code>) using simple IPC method calls. The 171 Google Play application responds to all billing requests synchronously, providing your 172 application with status notifications and other information. The Google Play application also 173 responds to some billing requests asynchronously, providing your application with error messages and 174 detailed transaction information. The following section describes the basic request-response 175 messaging that takes place between your application and the Google Play application.</p> 176 177 <h3 id="billing-request">In-app billing requests</h3> 178 179 <p>Your application sends in-app billing requests by invoking a single IPC method 180 (<code>sendBillingRequest()</code>), which is exposed by the <code>MarketBillingService</code> 181 interface. This interface is defined in an <a 182 href="{@docRoot}guide/components/aidl.html">Android Interface Definition Language</a> file 183 (<code>IMarketBillingService.aidl</code>). You can <a 184 href="{@docRoot}google/play/billing/v2/billing_integrate.html#billing-download">download</a> this AIDL 185 file with the in-app billing sample application.</p> 186 187 <p>The <code>sendBillingRequest()</code> method has a single {@link android.os.Bundle Bundle} parameter. 188 The Bundle that you deliver must include several key-value pairs that specify various parameters for 189 the request, such as the type of billing request you are making, the item that is being purchased and 190 its type, and the application that is making the request. For more information about the Bundle keys 191 that are sent with a request, see <a 192 href="{@docRoot}google/play/billing/v2/billing_reference.html#billing-interface">In-app Billing 193 Service Interface</a>. 194 195 <p>One of the most important keys that every request Bundle must have is the 196 <code>BILLING_REQUEST</code> key. This key lets you specify the type of billing request you are 197 making. Google Play's in-app billing service supports the following five types of billing 198 requests:</p> 199 200 <ul> 201 <li><code>CHECK_BILLING_SUPPORTED</code> 202 <p>This request verifies that the Google Play application supports in-app billing. You 203 usually send this request when your application first starts up. This request is useful if you 204 want to enable or disable certain UI features that are relevant only to in-app billing.</p> 205 </li> 206 <li><code>REQUEST_PURCHASE</code> 207 <p>This request sends a purchase message to the Google Play application and is the foundation 208 of in-app billing. You send this request when a user indicates that he or she wants to purchase 209 an item in your application. Google Play then handles the financial transaction by displaying 210 the checkout user interface.</p> 211 </li> 212 <li><code>GET_PURCHASE_INFORMATION</code> 213 <p>This request retrieves the details of a purchase state change. A purchase changes state when 214 a requested purchase is billed successfully or when a user cancels a transaction during 215 checkout. It can also occur when a previous purchase is refunded. Google Play notifies your 216 application when a purchase changes state, so you only need to send this request when there is 217 transaction information to retrieve.</p> 218 </li> 219 <li><code>CONFIRM_NOTIFICATIONS</code> 220 <p>This request acknowledges that your application received the details of a purchase state 221 change. Google Play sends purchase state change notifications to your application until you 222 confirm that you received them.</p> 223 </li> 224 <li><code>RESTORE_TRANSACTIONS</code> 225 <p>This request retrieves a user's transaction status for <a 226 href="{@docRoot}google/play/billing/billing_admin.html#billing-purchase-type">managed 227 purchases</a> and <a 228 href="{@docRoot}google/play/billing/billing_admin.html#billing-purchase-type">subscriptions</a>. 229 You should send this request only when you need to retrieve a user's transaction 230 status, which is usually only when your application is reinstalled or installed for the first 231 time on a device.</p> 232 </li> 233 </ul> 234 235 <h3 id="billing-response">In-app Billing Responses</h3> 236 237 <p>The Google Play application responds to in-app billing requests with both synchronous and 238 asynchronous responses. The synchronous response is a {@link android.os.Bundle Bundle} with the following 239 three keys:</p> 240 241 <ul> 242 <li><code>RESPONSE_CODE</code> 243 <p>This key provides status information and error information about a request.</p> 244 </li> 245 <li><code>PURCHASE_INTENT</code> 246 <p>This key provides a {@link android.app.PendingIntent PendingIntent}, which you use to launch the checkout 247 activity.</p> 248 </li> 249 <li><code>REQUEST_ID</code> 250 <p>This key provides you with a request identifier, which you can use to match asynchronous 251 responses with requests.</p> 252 </li> 253 </ul> 254 <p>Some of these keys are not relevant to every request. For more information, see <a 255 href="#billing-message-sequence">Messaging sequence</a> later in this document.</p> 256 257 <p>The asynchronous response messages are sent in the form of individual broadcast intents and 258 include the following:</p> 259 260 <ul> 261 <li><code>com.android.vending.billing.RESPONSE_CODE</code> 262 <p>This response contains a Google Play server response code, and is sent after you make an 263 in-app billing request. A server response code can indicate that a billing request was 264 successfully sent to Google Play or it can indicate that some error occurred during a billing 265 request. This response is <em>not</em> used to report any purchase state changes (such as refund 266 or purchase information). For more information about the response codes that are sent with this 267 response, see <a 268 href="{@docRoot}google/play/billing/v2/billing_reference.html#billing-codes">Server Response Codes 269 for In-app Billing</a>.</p> 270 </li> 271 <li><code>com.android.vending.billing.IN_APP_NOTIFY</code> 272 <p>This response indicates that a purchase has changed state, which means a purchase succeeded, 273 was canceled, or was refunded. This response contains one or more notification IDs. Each 274 notification ID corresponds to a specific server-side message, and each messages contains 275 information about one or more transactions. After your application receives an 276 <code>IN_APP_NOTIFY</code> broadcast intent, you send a <code>GET_PURCHASE_INFORMATION</code> 277 request with the notification IDs to retrieve message details.</p> 278 </li> 279 <li><code>com.android.vending.billing.PURCHASE_STATE_CHANGED</code> 280 <p>This response contains detailed information about one or more transactions. The transaction 281 information is contained in a JSON string. The JSON string is signed and the signature is sent 282 to your application along with the JSON string (unencrypted). To help ensure the security of 283 your in-app billing messages, your application can verify the signature of this JSON string.</p> 284 </li> 285 </ul> 286 287 <p>The JSON string that is returned with the <code>PURCHASE_STATE_CHANGED</code> intent provides 288 your application with the details of one or more billing transactions. An example of this JSON 289 string for a subscription item is shown below:</p> 290 <pre class="no-pretty-print" style="color:black">{ "nonce" : 1836535032137741465, 291 "orders" : 292 [{ "notificationId" : "android.test.purchased", 293 "orderId" : "transactionId.android.test.purchased", 294 "packageName" : "com.example.dungeons", 295 "productId" : "android.test.purchased", 296 "developerPayload" : "bGoa+V7g/yqDXvKRqq+JTFn4uQZbPiQJo4pf9RzJ", 297 "purchaseTime" : 1290114783411, 298 "purchaseState" : 0, 299 "purchaseToken" : "rojeslcdyyiapnqcynkjyyjh" }] 300 } 301 </pre> 302 303 <p>For more information about the fields in this JSON string, see <a 304 href="{@docRoot}google/play/billing/v2/billing_reference.html#billing-intents">In-app Billing 305 Broadcast Intents</a>.</p> 306 307 <h3 id="billing-message-sequence">Messaging sequence</h3> 308 309 <p>The messaging sequence for a typical purchase request is shown in figure 2. Request types for 310 each <code>sendBillingRequest()</code> method are shown in <strong>bold</strong>, broadcast intents 311 are shown in <em>italic</em>. For clarity, figure 2 does not show the <code>RESPONSE_CODE</code> 312 broadcast intents that are sent for every request.</p> 313 314 <p>The basic message sequence for an in-app purchase request is as follows:</p> 315 316 <ol> 317 <li>Your application sends a purchase request (<code>REQUEST_PURCHASE</code> type), specifying a 318 product ID and other parameters.</li> 319 <li>The Google Play application sends your application a Bundle with the following keys: 320 <code>RESPONSE_CODE</code>, <code>PURCHASE_INTENT</code>, and <code>REQUEST_ID</code>. The 321 <code>PURCHASE_INTENT</code> key provides a {@link android.app.PendingIntent PendingIntent}, which your 322 application uses to start the checkout UI for the given product ID.</li> 323 <li>Your application launches the pending intent, which launches the checkout UI. 324 <p class="note"><strong>Note:</strong> You must launch the pending intent from an activity 325 context and not an application context.</p> 326 </li> 327 <li>When the checkout flow finishes (that is, the user successfully purchases the item or cancels 328 the purchase), Google Play sends your application a notification message (an 329 <code>IN_APP_NOTIFY</code> broadcast intent). The notification message includes a notification ID, 330 which references the transaction.</li> 331 <li>Your application requests the transaction information by sending a 332 <code>GET_PURCHASE_STATE_CHANGED</code> request, specifying the notification ID for the 333 transaction.</li> 334 <li>The Google Play application sends a Bundle with a <code>RESPONSE_CODE</code> key and a 335 <code>REQUEST_ID</code> key. 336 <li>Google Play sends the transaction information to your application in a 337 <code>PURCHASE_STATE_CHANGED</code> broadcast intent.</li> 338 <li>Your application confirms that you received the transaction information for the given 339 notification ID by sending a confirmation message (<code>CONFIRM_NOTIFICATIONS</code> type), 340 specifying the notification ID for which you received transaction information.</li> 341 <li>The Google Play application sends your application a Bundle with a 342 <code>RESPONSE_CODE</code> key and a <code>REQUEST_ID</code> key.</li> 343 </ol> 344 345 <img src="/images/billing_request_purchase.png" height="231" id="figure2" /> 346 <p class="img-caption"> 347 <strong>Figure 2.</strong> Message sequence for a purchase request. 348 </p> 349 350 <p>Keep in mind, you must send a confirmation when you receive transaction information from Google 351 Play (step 8 in figure 2). If you don't send a confirmation message, Google Play will 352 continue sending <code>IN_APP_NOTIFY</code> messages for the transactions you have not 353 confirmed. As a best practice, you should not send a <code>CONFIRM_NOTIFICATIONS</code> request for 354 a purchased item until you have delivered the item to the user. This way, if your application 355 crashes or something else prevents your application from delivering the product, your application 356 will still receive an <code>IN_APP_NOTIFY</code> broadcast intent from Google Play indicating 357 that you need to deliver the product. Also, as a best practice, your application must be able to 358 handle <code>IN_APP_NOTIFY</code> messages that contain multiple orders.</p> 359 360 <p>The messaging sequence for a restore transaction request is shown in figure 3. Request types for 361 each <code>sendBillingRequest()</code> method are shown in <strong>bold</strong>, broadcast intents 362 are shown in <em>italic</em>. For clarity, figure 3 does not show the <code>RESPONSE_CODE</code> 363 broadcast intents that are sent for every request.</p> 364 365 <div class="figure" style="width:490px"> 366 <img src="/images/billing_restore_transactions.png" alt="" height="168" /> 367 <p class="img-caption"> 368 <strong>Figure 3.</strong> Message sequence for a restore transactions request. 369 </p> 370 </div> 371 372 <p>The request triggers three responses. The first is a {@link android.os.Bundle Bundle} with a 373 <code>RESPONSE_CODE</code> key and a <code>REQUEST_ID</code> key. Next, the Google Play 374 application sends a <code>RESPONSE_CODE</code> broadcast intent, which provides status information 375 or error information about the request. As always, the <code>RESPONSE_CODE</code> message references 376 a specific request ID, so you can determine which request a <code>RESPONSE_CODE</code> message 377 pertains to.</p> 378 379 <p>The <code>RESTORE_TRANSACTIONS</code> request type also triggers a 380 <code>PURCHASE_STATE_CHANGED</code> broadcast intent, which contains the same type of transaction 381 information that is sent during a purchase request. Unlike with a purchase request, however, the transactions 382 are given without any associated notification IDs, so you do not need to respond to this 383 intent with a <code>CONFIRM_NOTIFICATIONS</code> message. </p> 384 385 <p class="note"><strong>Note:</strong> You should use the <code>RESTORE_TRANSACTIONS</code> request 386 type only when your application is installed for the first time on a device or when your 387 application has been removed from a device and reinstalled.</p> 388 389 <p>The messaging sequence for checking whether in-app billing is supported is shown in figure 4. The 390 request type for the <code>sendBillingRequest()</code> method is shown in <strong>bold</strong>.</p> 391 392 <div class="figure" style="width:454px"> 393 <img src="/images/billing_check_supported.png" alt="" height="168" /> 394 <p class="img-caption"> 395 <strong>Figure 4.</strong> Message sequence for checking whether in-app billing is supported. 396 </p> 397 </div> 398 399 <p>The synchronous response for a <code>CHECK_BILLING_SUPPORTED</code> request provides a Bundle 400 with a server response code. A <code>RESULT_OK</code> response code indicates that in-app billing 401 is supported; a <code>RESULT_BILLING_UNAVAILABLE</code> response code indicates that in-app billing 402 is unavailable because the API version you specified is unrecognized or the user is not eligible to 403 make in-app purchases (for example, the user resides in a country that does not allow in-app 404 billing). A <code>SERVER_ERROR</code> can also be returned, indicating that there was a problem with 405 the Google Play server.</p> 406 407 <h3 id="billing-action-notify">Handling IN_APP_NOTIFY messages</h3> 408 409 <p>Usually, your application receives an <code>IN_APP_NOTIFY</code> broadcast intent from Google 410 Play in response to a <code>REQUEST_PURCHASE</code> message (see figure 2). The 411 <code>IN_APP_NOTIFY</code> broadcast intent informs your application that the state of a requested 412 purchase has changed. To retrieve the details of that purchase, your application sends a 413 <code>GET_PURCHASE_INFORMATION</code> request. Google Play responds with a 414 <code>PURCHASE_STATE_CHANGED</code> broadcast intent, which contains the details of the purchase 415 state change. Your application then sends a <code>CONFIRM_NOTIFICATIONS</code> message, informing 416 Google Play that you have received the purchase state change information.</p> 417 418 <p>In some special cases, you may receive multiple <code>IN_APP_NOTIFY</code> messages even though 419 you have confirmed receipt of the purchase information, or you may receive 420 <code>IN_APP_NOTIFY</code> messages for a purchase change even though you never initiated the 421 purchase. Your application must handle both of these special cases.</p> 422 423 <h4>Handling multiple IN_APP_NOTIFY messages</h4> 424 425 <p>When Google Play receives a <code>CONFIRM_NOTIFICATIONS</code> message for a given 426 <code>PURCHASE_STATE_CHANGED</code> message, it usually stops sending <code>IN_APP_NOTIFY</code> 427 intents for that <code>PURCHASE_STATE_CHANGED</code> message. Sometimes, however, Google 428 Play may send repeated <code>IN_APP_NOTIFY</code> intents for a 429 <code>PURCHASE_STATE_CHANGED</code> message even though your application has sent a 430 <code>CONFIRM_NOTIFICATIONS</code> message. This can occur if a device loses network connectivity 431 while you are sending the <code>CONFIRM_NOTIFICATIONS</code> message. In this case, Google Play 432 might not receive your <code>CONFIRM_NOTIFICATIONS</code> message and it could send multiple 433 <code>IN_APP_NOTIFY</code> messages until it receives acknowledgement that you received the 434 transaction message. Therefore, your application must be able to recognize that the subsequent 435 <code>IN_APP_NOTIFY</code> messages are for a previously processed transaction. You can do this by 436 checking the <code>orderID</code> that's contained in the JSON string because every transaction has 437 a unique <code>orderId</code>.</p> 438 439 <h4>Handling refunds and other unsolicited IN_APP_NOTIFY messages</h4> 440 441 <p>There are two cases where your application may receive <code>IN_APP_NOTIFY</code> broadcast 442 intents even though your application has not sent a <code>REQUEST_PURCHASE</code> message. Figure 5 443 shows the messaging sequence for both of these cases. Request types for each 444 <code>sendBillingRequest()</code> method are shown in <strong>bold</strong>, broadcast intents are 445 shown in <em>italic</em>. For clarity, figure 5 does not show the <code>RESPONSE_CODE</code> 446 broadcast intents that are sent for every request.</p> 447 448 <div class="figure" style="width:481px"> 449 <img src="/images/billing_refund.png" alt="" height="189" /> 450 <p class="img-caption"> 451 <strong>Figure 5.</strong> Message sequence for refunds and other unsolicited 452 IN_APP_NOTIFY messages.</p> 453 </div> 454 455 <p>In the first case, your application may receive an <code>IN_APP_NOTIFY</code> broadcast intent 456 when a user has your application installed on two (or more) devices and the user makes an in-app 457 purchase from one of the devices. In this case, Google Play sends an <code>IN_APP_NOTIFY</code> 458 message to the second device, informing the application that there is a purchase state change. Your 459 application can handle this message the same way it handles the response from an 460 application-initiated <code>REQUEST_PURCHASE</code> message, so that ultimately your application 461 receives a <code>PURCHASE_STATE_CHANGED</code> broadcast intent message that includes information 462 about the item that has been purchased. This applies only to items that have their product type 463 set to "managed per user account."</p> 464 465 <p>In the second case, your application can receive an <code>IN_APP_NOTIFY</code> broadcast intent 466 when Google Play receives a refund notification from Google Wallet. In this case, Google 467 Play sends an <code>IN_APP_NOTIFY</code> message to your application. Your application can handle 468 this message the same way it handles responses from an application-initiated 469 <code>REQUEST_PURCHASE</code> message so that ultimately your application receives a 470 <code>PURCHASE_STATE_CHANGED</code> message that includes information about the item that has been 471 refunded. The refund information is included in the JSON string that accompanies the 472 <code>PURCHASE_STATE_CHANGED</code> broadcast intent. Also, the <code>purchaseState</code> field in 473 the JSON string is set to 2.</p> 474 475 <p class="caution"><strong>Important:</strong> You cannot use the Google Wallet API to 476 issue refunds or cancel in-app billing transactions. You must do this manually through your 477 Google Wallet merchant account. However, you can use the Google Wallet API to retrieve order 478 information.</p> 479 480 <h2 id="billing-security">Security Controls</h2> 481 482 <p>To help ensure the integrity of the transaction information that is sent to your application, 483 Google Play signs the JSON string that is contained in the <code>PURCHASE_STATE_CHANGED</code> 484 broadcast intent. Google Play uses the private key that is associated with the app to create 485 this signature. The Developer Console generates an RSA key pair for each app. 486 You can find the public key portion of this key pair in the app's publishing details 487 in the Developer Console, under <strong>Settings</strong>, in the License Key field.</p> 488 489 <p>When Google Play signs a billing response, it includes the signed JSON string (unencrypted) 490 and the signature. When your application receives this signed response you can use the public key 491 portion of your RSA key pair to verify the signature. By performing signature verification you can 492 help detect responses that have been tampered with or that have been spoofed. You can perform this 493 signature verification step in your application; however, if your application connects to a secure 494 remote server then we recommend that you perform the signature verification on that server.</p> 495 496 <p>In-app billing also uses nonces (a random number used once) to help verify the integrity of the 497 purchase information that's returned from Google Play. Your application must generate a nonce and 498 send it with a <code>GET_PURCHASE_INFORMATION</code> request and a <code>RESTORE_TRANSACTIONS</code> 499 request. When Google Play receives the request, it adds the nonce to the JSON string that 500 contains the transaction information. The JSON string is then signed and returned to your 501 application. When your application receives the JSON string, you need to verify the nonce as well as 502 the signature of the JSON string.</p> 503 504 <p>For more information about best practices for security and design, see <a 505 href="{@docRoot}google/play/billing/billing_best_practices.html">Security and Design</a>.</p> 506 507 <h2 id="billing-limitations">In-app Billing Requirements and Limitations</h2> 508 509 <p>Before you get started with in-app billing, be sure to review the following requirements and 510 limitations.</p> 511 512 <ul> 513 <li>In-app billing can be implemented only in applications that you publish through Google 514 Play.</li> 515 <li>You must have a Google Wallet Merchant account to use Google Play In-app Billing.</li> 516 <li>To support subscriptions, version 3.5 or higher of the Google Play app is required. </li> 517 <li>In-app Billing requires Android 1.6 (API level 4) or higher.</li> 518 <li>You can use in-app billing to sell only digital content. You cannot use in-app billing to sell 519 physical goods, personal services, or anything that requires physical delivery.</li> 520 <li>Google Play does not provide any form of content delivery. You are responsible for 521 delivering the digital content that you sell in your applications.</li> 522 <li>You cannot implement in-app billing on a device that never connects to the network. To 523 complete in-app purchase requests, a device must be able to access the Google Play server over 524 the network. </li> 525 </ul> 526
