According to a developer who contacted MacRumors, the new field called “unique_identifier” appears to include the Unique Device Identifier (UDID) for the device making the In App Purchase. This could suggest that Apple may be looking to identify users and devices who are sharing their receipts with the Russian hacker to allow the method to function.
However, developers are saying that the new identifier won’t do anything to prevent the hack, writes TheNextWeb. Developers will first have to update their apps to check the value; then a receipt validation with Apple’s servers will be necessary to check against the unique_identifier.
Apple has confirmed that it is “investigating” the App Store hack and has already taken some action to stop it from working. The company has blocked the servers that were used to implement the bypass in the first place.
The hack lets iOS users trick the App Store into giving them in-app purchases for free, potentially costing app makers revenue and causing Apple a major headache.