[Android] Warning Incorrect Implementation of Google Play inApp Billing

We recently got this warning on a lot of our games and at first I thought it was only with older games. But our recent games using 5.3 and the IAP system that comes with unity services also got the same treatment.

Is anyone else having this issue?

We do not touch any google play apis, we only do high level calls trough the IAP system that Unity provides.

Currently we are in the process of updating all of our google play services libraries to the latest but we have no clue how to solve this specific issue. Our games could potentially be deactivated if not rectified.

Any advice?

 

We also received this warning. The warning mentions how to initialize a certain Intent object to be more secure.
After looking at our code, I saw that in all locations we use this as suggested.

The issue was with the google-play-services.jar which includes its own IAP code, but uses the non-secure way.
We have recently upgraded our play services libraries to the newest version, so I believe this issue will be gone.

Please check what sort of 3rd party libraries (Google play services, etc) Unity's IAP system uses. Perhaps some of these are outdated and cause this warning to be shown.

 

We don't go lower level than the framework provided by Unity. No place where we create any intent, which is on java level, correct?

We never really looked in depth regarding the unity IAP system. Currently we are upgrading to google play services 9.2 using jar resolver but we don't include any billing lib. We did wonder if unity IAPs provide their own google play lib. Ill check it out tomorrow when im back at work. Thanks.

Edit:

Older projects make use of Unibill and we don't really have the source code for that I think. That seems a bit problematic because we have no clue how to fix that. Any suggestions?