Last week, Apple was confronted with a security breach problem that enabled users to make in-app purchasing without paying for the selected items. But, as MacRumors noted, Apple was very quick to fix that by adding a new field entitled “unique_identifier” to its purchase receipts.
First, Apple tried to remove the YouTube video made by Russian hacker Alexey V. Borodin from the website’s servers, while PayPal blocked his account. Even so, these measures did not last long as the hacker bounced back in a few hours.
Google took some serious action against the breach and tried to assist Apple in this matter. Borodin himself reports that the search giant made his “instruction” blog obsolete:
“Okay, it's time to move to another blog system. Let's free Google from problems coming from some fruit company. Okay, here is solution. Getting Started is now hosted on another server,” Borodin announced.
Apple took the final step by applying the unique_idenfier, but what is curious about this move is that in the past the Cupertino clan was against apps collecting UDIDs. Ultimately they didn't seem to have much choice, and are using this measure in the absence of a better alternative.
Source: Apple Now Including Unique Identifiers for In App Purchase Receipts to Combat Hack - Mac Rumors