Late last week, Apple told developers that they’d have to use a workaround in their apps to prevent the in-app purchasing hack — which lets users avoid paying for in-app purchases — but that the same solution would also be rolled in iOS 6 as standard. Now, Alexey Borodin, the Russian behind the discovery, claims the workaround is impossible to hack.
The trick, which routes data through Borodin’s own servers, lets users obtain in-app purchases without paying. Unless app developers update their software, the hack will continue to work in iOS 5. However, Apple’s workaround will be included as standard in the soon-to-arrive system-level update of iOS 6, so the door will soon close. On his blog, Borodin explains:
By examining last Apple’s [sic] statement about in-app purchases in iOS 6, I can say, that currently game is over. Currently we have no way to bypass updated APIs. It’s a good news for everyone, we have updated security in iOS, developers have their air-money. But, service will still remain operational until iOS 6 comes out.
On Saturday, we reported that the compromise had been extended to work with the Mac App Store — so it seems likely Apple will be shifting its attentions to that problem. [In-AppStore via The Next Web]