×

Discussion Board

Results 1 to 15 of 15
  1. #1
    Regular Contributor
    Join Date
    Oct 2009
    Posts
    59

    Having to enter the password twice for in app purchase (IAP)

    Hi,

    I'm not sure this is the right forum to discuss this issue. If you know a better place, please let me know.

    Here is the situation:
    Our Symbian (Qt) app is using IAP with our own backend server. Users are allowed to restore (re-install) content based on our own restoration policy. The information whether or not a user is allowed to restore a content item is stored on our backend and referenced by the users Nokia Store account name.

    So in order to find out if a user is able to freely restore an item we get the account name via the IAP API. Then we send that account name to our backend server which returns whether or not the item can be restored.

    In case it can be restored we download that item bypassing IAP completely, which is no problem. In case it cannot be restored we start the purchase process via the IAP API.

    This basically works fine, but the problem is that the user has to enter the Nokia Store password two times in a row.
    1) To get the Nokia Store account name [ IAPClient::getUserAndDeviceId() ]
    2) To start the purchase process [ IAPClient::purchaseProduct() ]

    This is really bad for the user experience. Does anyone know a way around this issue? Am I using the API in a wrong way?

    Help would be highly appreciated :)

    Thanks!
    Conny

  2. #2
    Regular Contributor
    Join Date
    Oct 2009
    Posts
    59

    Re: Having to enter the password twice for in app purchase (IAP)

    Could someone please move this to the "Qt for Symbian" forum. I think it would fit better there.

  3. #3
    Nokia Developer Moderator
    Join Date
    Aug 2011
    Posts
    492

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Conny,

    I've contacted the Technical support team to provide a solution for this problem. I will update you when I receive further information.
    Andrew
    Follow @AndrewAtNokia on Twitter for news and updates about Nokia Publish!
    Andrew is now on Facebook to assist you with any publishing related inquiries.

  4. #4
    Regular Contributor
    Join Date
    Oct 2009
    Posts
    59

    Re: Having to enter the password twice for in app purchase (IAP)

    Thank you Andrew. That's great because I really can't find any information about that. Looks like not too many people are using IAP yet.

  5. #5
    Nokia Developer Expert
    Join Date
    Oct 2007
    Posts
    441

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Conny,

    IAPClient::getUserAndDeviceId() call accepts flag for silent invocation, IAPClient::OnlyInSilentAuthentication, but unfortunatelly it may fail. In failure case response signal comes with status IAPClient::UserAndDeviceDataHash response == "SilentOperationFailed"

    to diminish user impact you can use the following approach:

    1) on application start call getUserAndDeviceId(IAPClient::OnlyInSilentAuthentication)
    2) check status in the call response if it is "OK", cache the user data,
    3) otherwise call getUserAndDeviceId() with default parameters to pop up user credentials dialog
    4) cache the user data

    Please note user can change his ovi username only by phone factory reset , so i think it is safe to cache user data only once on your application first launch.

    Regards,
    Igor

  6. #6
    Regular Contributor
    Join Date
    Oct 2009
    Posts
    59

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Igor,

    I thought the user has the option to change user names at will, but if this is not the case saving the account name on the device is actually a sensible workaround. I wonder what the "official" way of doing this would be. To me it looks like this is a use-case the people at Nokia simply forgot...

    Anyway, thank you a lot for your help! I can certainly work with that.

    Cheers,
    Conny

  7. #7
    Nokia Developer Expert
    Join Date
    Oct 2007
    Posts
    441

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Conny,

    Except factory reset to change account user can launch OVI client go to "Nokia Account settings" menu option do sign-out and then sign-in with different account. The latest signed in username will be used by IAP. If no account data is cached on device , IAP will ask for user credentials.

    Considering that you should cache user data during application session only.

    Regards,
    Igor

  8. #8
    Regular Contributor
    Join Date
    Oct 2009
    Posts
    59

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Igor,

    you're right again. Now I see it also. Well, so actually I still don't have a solution. I'm already caching the user name during one run of the application. So in case someone restarts the app (happens often of course) and tries to buy something he/she still needs to enter the password twice. Not good

    Still, thanks for your help!
    Conny

  9. #9
    Regular Contributor
    Join Date
    Oct 2009
    Posts
    59

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Andrew,

    what's the current state of this? What did the technical support team say? Is there any better place to bring up this issue?
    We're planning to launch at the 1st of March and I'm still looking for a solution that doesn't make my customers run away.

    Thanks,
    Conny

    Quote Originally Posted by Andrew Nokia View Post
    Hi Conny,

    I've contacted the Technical support team to provide a solution for this problem. I will update you when I receive further information.

  10. #10
    Nokia Developer Expert
    Join Date
    Oct 2007
    Posts
    441

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Conny,

    I am from Techsupport and my advice has been already sent in this discussion thread --- in the API there is no way to force suppressing credentionals input dialog in getUserAndDeviceId call. The call parameter OnlyInSilentAuthentication flag value does not garantee the dialog will not be shown it depends on whether the user credentials were already cached on the device.

    Please implement work around in your application --- don't call getUserAndDeviceId() each time you need to provide the data to your backend , use cached data instead:

    1) on application start call getUserAndDeviceId(IAPClient::OnlyInSilentAuthentication)
    2) check status in the call response if it is "OK", cache the user data, to use it during the application session
    3) otherwise call getUserAndDeviceId() with default parameters to pop up user credentials dialog
    4) cache the user data, to use it during the application session

    Regards,
    Igor

  11. #11
    Regular Contributor
    Join Date
    Oct 2009
    Posts
    59

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Igor,

    thanks for writing me again. I'm sorry I didn't realize that you are from Techsupport and thus I was looking for an official answer. Well, now I know it's official

    I understand the work-around you described. Unfortunately I don't think it's a work-around because after starting my app the silent call to getUserAndDeviceId() _never_ succeeds. Because of that after starting the app the user _always_ has to enter the Nokia Store password just to see the content. That is totally user unfriendly.

    The other option (calling getUserAndDeviceId() just before purchaseProduct()) is also no option because it brings up the password dialog two times in a row which is even worse.

    I really appreciate your help Igor, but I'm totally disappointed by the IAP framework. It would be great if you could create an internal bug report on that issue. And if you're on it: The IAP framework needs around 3 seconds to load. During that time the UI freezes and the display flickers. But that's another issue...

    Well, I'll try to find a solution to this problem. Maybe I'll bind the purchases to the IMEI or IMSI (that I can get via Qt Mobility) instead of using the Nokia Store user name. That's not as nice but might save my users from a flood of password dialogs....

    Anyway, thank you very much for your help!
    Conny

  12. #12
    Nokia Developer Expert
    Join Date
    Oct 2007
    Posts
    441

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Conny,

    please check example application bundled with the SDK : <SDK root>\Examples\InApplicationPurchase\BuyAndDownloadExample /// it demonstrates described approach. If you try it you will notice credentials for UserAndDevice() call is asked only once on the application first launch. Please note the application consists of two parts : server back-end and mobile client . Please compile and run only client part because back-end is established and working. I am sorry we did not stress enough example applications bundled with the SDK -- maybe that is why they left your attention.

    Regards,
    Igor

  13. #13
    Regular Contributor
    Join Date
    Oct 2009
    Posts
    59

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Igor,

    I've looked at that example. Unfortunately it brings up more questions than it answers.
    • It shows exactly the problem you've described in comment #7. That is, if the user signs into Nokia Store using a different user name the app won't work correctly any more because it always uses the user name that is stored in QSettings.
    • It uses IAPClient::restoreProduct() but the SDK documentation states "Only Nokia DRM encrypted items can be restored using IAPClient API."
    • It uses IAPClient::getRestorableProducts() which not only returns restorable products of BuyAndDownloadExample but also returns restorable products of other apps. In my case, for example, it returns a bunch of city guides. Of course BuyAndDownloadExample cannot restore them.
    • It uses IAPClient::ForcedAutomaticRestoration, which has no effect in production mode. So it does not restore.
    • From my understanding you shouldn't use any of the "restore" API of IAPClient if you have your own backend. At least that's how I understand the documentation. It this a false assumption?


    All in all here is my user experience with the BuyAndDownloadExample:
    • First startup. Enter password. Ok.
    • Buy product. Enter password. Ok.
    • Delete product.
    • Restore.
    • During restore I had to enter my password about 6 times. Not Ok. (After next startup this problem was gone)
    • After restore I still had an empty list of products.


    To me it just looks like IAP is still a real beta product and on top of that not very well documented. Has anyone already implemented any serious application on top of it? I doubt so. Well or maybe I'm just seriously confused and too stupid to get the whole thing... Who knows

    Best Regards,
    Conny

  14. #14
    Nokia Developer Expert
    Join Date
    Oct 2007
    Posts
    441

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Conny,

    Thank you much for looking into it. In generally, restoration makes sense in non-DRM model as a way to get purchase ticket for already bought product and nothing else -- i.e. the product is not get "restored" because of that operation -- you just get ticket. Think about IAP role as operation building blocks for your own logic. IAP provides you infrastructure and robust operations for secure money transactions -- that is IAP for , i think.

    If i may, i advice you to focus on your problem in your questions and try to get most from IAP for your benefit. if we cannot make something directly we can find work-around, nothing is perfect

    forgot , one comment for
    During restore I had to enter my password about 6 times. Not Ok.
    --- you should see it 4 times -- because it was batch operation -- this is a bug -- once cached, user credentials data preserves during IAP session -- fixed in next release

    Regards,
    Igor
    Last edited by izinin; 2012-02-02 at 16:44.

  15. #15
    Regular Contributor
    Join Date
    Oct 2009
    Posts
    59

    Re: Having to enter the password twice for in app purchase (IAP)

    Hi Igor,

    thanks for your answer. I hope some of my feedback will be considered in future versions of the IAP SDK and documentation. BTW I think QuickHit is one of the best IAP examples so far.

    Regarding the state of my current implementation - don't worry Basically I've implemented the QSettings solution with a small addition. After each successful purchase it is possible to do a silent call to getUserAndDevice(). I use the response to update the user name in QSettings. That way we limit the chance of getting false restore data.

    Thanks for your support!
    Conny

Similar Threads

  1. Uninstalling a password protected when not knowing the password
    By mehmetgns in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 18
    Last Post: 2011-06-08, 07:37
  2. In app purchase
    By remy_david in forum [Closed] Publishing to Nokia Store
    Replies: 6
    Last Post: 2011-01-12, 17:58
  3. Enter Password in a Password Format
    By meghali21 in forum Mobile Java Networking & Messaging & Security
    Replies: 6
    Last Post: 2009-08-24, 18:50
  4. Enter password before unistalling
    By santu.paul@gmail.com in forum Symbian C++
    Replies: 9
    Last Post: 2008-11-20, 06:47
  5. TextBox to enter numeric password Ser 40
    By andretr in forum Mobile Java Tools & SDKs
    Replies: 0
    Last Post: 2004-06-14, 20:58

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •