I think most of us would consider that "abuse" to begin with :) but you can always prompt for an opt-in email address.
Also don't forget that no monies are to be collected outside the market based on content delivered inside the market. So you're already off on an alternative market, and those don't have access to make platform api changes... On Tue, Oct 27, 2009 at 6:41 AM, RichardC <[email protected]> wrote: > > I would love to be able to use the Google account to sell value-add > services, at the moment I can't think of a secure (not open to abuse) > way of doing this. I hope this is something Google would like to see > happen and are activly working on it. It would need a platform API > change to implement something like micro payments with a secure order- > form. > > Here's hoping > > -- > RichardC > > On Oct 27, 5:23 am, knavewave <[email protected]> wrote: >> Thanks for the comments everyone. >> >> RichardC, the idea is not so much to tie the app to a particular >> device, as it is to confirm that the device signing up for an account >> is the same one that purchased the app. Basically, what I am trying to >> do is have my app transparently link the account signup (in app) to >> the market purchase. I dont particularly care if it is a hardware id, >> carrier id, or a google account id.... they could even spoof it for >> all I care, just as long as I can match it between the purchase and >> the signup. Again, once their account is created (username / >> password), I dont even need the original identfier, I am perfectly >> happy to let them log in on any of the devices they own (of course, my >> server will enforce a one session per account limit). >> >> There are several ways do do this intrusively... send a serial number >> back to the email tied to the google checkout order or have them type >> the card holder name / last 4 digits of their card, but this is a >> hassle / a bit scary to customers. >> >> The other way to make this work, is to distribute the app for free, >> and take their order within the app. This, of course, would be against >> entirely the market contract / not adivisable from a security >> standpoint, so it is not really an option. >> >> Does anyone have a checkout notification trace, with confidential bits >> removed, that they are willing to post? >> >> Google employees, can you point me to an appropriate reference or lend >> any suggestions? > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
