An in-app purchase requests password verification before the transaction. Thus, all the following input into the onscreen keyboard is the user's password.
Is handling keyboard events prevented at this stage so the app developer can't log individual strokes? Does it need to be a rooted device to log them?
Can't this then be matched with GET_ACCOUNTS or a similar function in the iPad?
Thanks
0 comments:
Post a Comment