Huge unverified IAP Revenue

Hello developers,

Searching through the Data Explorer, I found this section called Unverified IAP Revenue.
So, what is exactly this ?

This is how it looks for me:



Full image here => https://i.postimg.cc/wv5dNCNd/IAP.png

Some say it's the users hacking the IAP system. I have already obfuscated the API key and receipt validation.

And even so, you see that I had spikes of 1.000+$ in some days. How is this possible? My game makes ~200 downloads per day and only 30% are from top tier countries. (I talk about an android game on Google Play).
Such small amount of users is hard to believe that they hack in value of 1000$ taking in account that the highest IAP price is 10$ in game. Or all the users are hacking ?In reality I barely have one in app purchase per week..

If I had the above amount of money in real life I will be far away in hot islands (joke)

 

It sounds like you are using receipt validation, which is good. It's not too hard to hack an Android game and inject fake receipts regardless. It's probably one or two users doing this. There isn't too much you can do, unfortunately. You could consider server-side receipt validation from PlayFab or ChilliConnect.

 

Hi Jeff, do you have any document where I can see how implement the receipt validation in Unity ? I am having some problems with hackers using the Unity IAP package.

Thank you

 

its one google away:

Unity - Manual: Receipt validation (unity3d.com)

 

Thank you Toasbyte, Have you experienced the same issues with Unity IAP ?

 

Fraud is very common on the Android platform unfortunately, and practically non-existent on iOS. Are you still seeing high values after using the receipt validator? Some studios use PlayFab or similar online verification services.