Thanks for the comments everyone. RichardC, the idea is not so much to tie the app to a particular device, as it is to confirm that the device signing up for an account is the same one that purchased the app. Basically, what I am trying to do is have my app transparently link the account signup (in app) to the market purchase. I dont particularly care if it is a hardware id, carrier id, or a google account id.... they could even spoof it for all I care, just as long as I can match it between the purchase and the signup. Again, once their account is created (username / password), I dont even need the original identfier, I am perfectly happy to let them log in on any of the devices they own (of course, my server will enforce a one session per account limit).
There are several ways do do this intrusively... send a serial number back to the email tied to the google checkout order or have them type the card holder name / last 4 digits of their card, but this is a hassle / a bit scary to customers. The other way to make this work, is to distribute the app for free, and take their order within the app. This, of course, would be against entirely the market contract / not adivisable from a security standpoint, so it is not really an option. Does anyone have a checkout notification trace, with confidential bits removed, that they are willing to post? Google employees, can you point me to an appropriate reference or lend any suggestions? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
