How to prevent IAP hack?

I tried use LiveOps with verify receipt on my Android game, but the user still hack successful and got items. Any ideas to prevent that?


How did they hack and get your items?

I think it is Lucky Patcher or some iap hack tool.

Are you adding coins/gems/items at client-side even after verifying receipt? If you want very secure IAP solution, then server-backend is must. Means your custom backend will verify with Apple/Google IAP receipt and add coins/gems at server-side only, not at client-side. If you are adding coins at client-side even after verifying receipt then its not secure.

1 Like