question

Maciej Maj avatar image
Maciej Maj asked

Not properly handled purchase (Google Play)

Hello,

I'm using the Inventory v1 purchase flow for the Google Play, mainly based on this guide: https://learn.microsoft.com/en-us/gaming/playfab/features/economy/tutorials/getting-started-with-unity-iap-android

I just found out a strange issue regarding not properly validated receipt by PlayFab. Here is the case:

  1. User initialises purchase in the client

  2. User cancels the payment (or at least that is what I assume)

  3. A request is send to PlayFab to check if the receipt is valid. Google Play returns info that it is?

  4. Player receives purchased item

  5. Player never pays for the item

Steps 4 and 5 does not make any sense to me. I wasn't able to reproduce it on my side, maybe some bad actors are doing some trickery I can't figure out?

Here are all the resources I can provide:

Screenshot from Google Play console with order history: 5637-bionicl-screenshot-arc-14032023-1221.png

An event from Data explorer:

 {
     "PlayFabEnvironment": {
         "Application": "mainserver",
         "Vertical": "master",
         "Commit": "546a2ff",
         "Cloud": "main"
     },
     "EventNamespace": "com.playfab",
     "EntityType": "player",
     "SourceType": "BackEnd",
     "Timestamp": "2023-03-14T00:58:02.0439764Z",
     "EventName": "player_receipt_validation",
     "EntityId": "A1F5E1D44EC22FB5",
     "EventId": "e9343cb909b54fd6912d3a4f1f04f890",
     "TitleId": "4A27E",
     "Source": "PlayFab",
     "PaymentProvider": "Google Play",
     "PaymentType": "ReceiptValidation",
     "ReceiptContent": "{\"orderId\":\"GPA.3345-2466-7547-49095\",\"packageName\":\"com.xxx(hidden)xxx\",\"productId\":\"iap_store_gems005\",\"purchaseTime\":1678755424501,\"purchaseState\":4,\"purchaseToken\":\"ebnfjlhebbadmdibpgdajfdb.AO-J1OyLoZ2aFcqWSV3TQn9jhDjyfDoYdvPJV8n5dMKMTlTSZVvK1rnEzPVLrVr_r-PTCr6pUeiNnuxb8hunpstTcwj1Yzec6pq4oTaDCqyZGBWRanfMdP8\",\"quantity\":1,\"acknowledged\":false}",
     "Valid": true
 }

Overall screenshot of the whole situation: 5638-bionicl-screenshot-arc-14032023-1209.jpeg

Transaction ID: pchmbokmkkbcgkleojbneapj.AO-J1OwAJm-ax8NxBlEkJTj8YLKL2LI2ZBJtev0jEGH8_vmt9rpHOhs74jK5cje9Pr_pzwIS9vPqSXOD0GsD1s-txrtsD54fNaeEGeVuQenSQqra8XfchCE

I will appreciate for the helping hand regarding that, since that breaks game economy. How is it possible that Google Play handshakes with PlayFab and makes payment as successful even though the player haven't payed? Also based on Google Play payment status, it doesn't look like player issued a refund, since cancelation was immediate.

Thank you!

android
2 comments
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Gosen Gao avatar image Gosen Gao commented ·

If you have access to the SUPPORT TICKET, please follow the docs to submit a support ticket so that we can help you handle this issue.

0 Likes 0 ·
Maciej Maj avatar image Maciej Maj commented ·

@Gosen Gao Unfortunately we're using Pay-as-you-go plan, but it's reaching prices around $80-$120 monthly, so maybe that qualifies for an exception? ID: 4A27E Thanks!

0 Likes 0 ·
kylemc@microsoft.com avatar image
kylemc@microsoft.com answered

Have you configured your Google Add-On with a "Service account key"? That input field is optional, but it enables better handling of the exact scenario you're talking about.

5645-image.png


image.png (32.0 KiB)
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Gosen Gao avatar image
Gosen Gao answered

This issue may be caused by the Google Play payment method "Pay by cash", you can refer to PlayFab accepting pending payments - Playfab Community, which provides a workaround.

We have an enhanced verification for this issue, but this enhanced verification is still in testing. If you want to use it in a production environment, we need you to open a support ticket to help you enable it and you can contact us in time if you have any issues.

10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.