[Interest] Fwd: Google Play warning: Your app is using an incorrect implementation of in-app billing

[Nuno Santos]

I have just received the email below from Google Play. Has anyone had the same report?

Since I use QtPurchasing to handle my purchases, I was wondering if this something I need to add, or something that needs to be added to the lib itself.

Nuno
> Hello Google Play Developer,
> 
> We detected that your app(s) listed at the end of this email are invoking the in-app billing service without setting a target package for the intent. This can enable a malicious package to bypass the Play store billing system and access items that have not been purchased.
> 
> Next Steps
> 
> If you are using IabHelper, please start using the latest SDK.
> If you are manually invoking the in-app billing service, make sure you are calling Intent.setPackage(“com.android.vending”) on any intents to "com.android.vending.billing.InAppBillingService.BIND".
> Sign in to your Developer Console and submit the updated version of your app.
> Check back after five hours - we’ll show a warning message if the app hasn’t been updated correctly.
> We’re here to help
> 
> If you have other technical questions about the vulnerability, you can post to Stack Overflow and use the tag “android-security.” For clarification on steps you need to take to resolve this issue, you can contact our developer support team.
> 
> Regards,
> 
> The Google Play Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.qt-project.org/pipermail/interest/attachments/20160728/2313f68a/attachment.html>