I'm using Google IAP v3 in Android app. I've implemented signature checking using GoogleIabHelper
class. I'm also checking the signature on the server side w
After digging a little deeper, it turns out there are many ways to hack IAP, but good purchase validation prevents it (like the one presented in the question).
First of all, the invalid purchases (all of them) have been made on rooted devices. I've also asked some users about their purchases and one of them agreed that he is using some APK which allows purchasing IAP items for free.
Conclusion: everything is OK with the code, something is wrong with your users.
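For reference, a server-side signature check of the kind discussed in this thread, as an added example (not code from the question, the answer, or Google's helper class). It assumes the purchase JSON is signed with SHA1withRSA and the app's public key is base64-encoded X.509; the key pair, order id and product id below are constructed for the demo.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;

public class PurchaseVerifier {
    // Assumption: purchase data is signed with SHA1withRSA and the public key
    // is distributed as base64-encoded X.509 (SubjectPublicKeyInfo).
    static boolean verify(String base64PublicKey, String signedData, String base64Signature) {
        if (signedData == null || signedData.isEmpty()
                || base64Signature == null || base64Signature.isEmpty()) {
            return false; // a missing payload or signature is never accepted
        }
        try {
            byte[] keyBytes = Base64.getDecoder().decode(base64PublicKey);
            PublicKey key = KeyFactory.getInstance("RSA")
                    .generatePublic(new X509EncodedKeySpec(keyBytes));
            Signature sig = Signature.getInstance("SHA1withRSA");
            sig.initVerify(key);
            sig.update(signedData.getBytes(StandardCharsets.UTF_8));
            return sig.verify(Base64.getDecoder().decode(base64Signature));
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return false; // malformed key, bad base64 or bad signature: reject
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed test data: a throwaway key pair stands in for the real signing key.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        String pub = Base64.getEncoder().encodeToString(pair.getPublic().getEncoded());

        String data = "{\"orderId\":\"EXAMPLE-ORDER-1\",\"productId\":\"example.item\",\"purchaseState\":0}";
        Signature signer = Signature.getInstance("SHA1withRSA");
        signer.initSign(pair.getPrivate());
        signer.update(data.getBytes(StandardCharsets.UTF_8));
        String sig = Base64.getEncoder().encodeToString(signer.sign());

        // Only the untouched payload with its original signature should pass.
        System.out.println("genuine:   " + verify(pub, data, sig));
        System.out.println("tampered:  " + verify(pub, data.replace("example.item", "other.item"), sig));
        System.out.println("empty sig: " + verify(pub, data, ""));
        System.out.println("junk sig:  " + verify(pub, data, "bm90IGEgc2lnbmF0dXJl"));
    }
}
```

Running the check on the server rather than only in the app matters here because the invalid purchases came from rooted devices, where the client-side check cannot be trusted.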