必要，不需要.推荐，是的.

Necessary, no. Recommended, yes.

所有购买；消耗品，非消耗品和订阅易受欺诈性攻击.通常是通过漏洞攻击者或网络欺骗来实现的.验证收据可以缓解此问题.

All purchases; consumables, un-consumables and subscriptions are susceptible to fraudulent attacks. Often though iap crackers or network spoofing. Validating the receipt can mitigate this problem.

您可以在应用程序本地验证收据(请参见

You can validate the receipt locally in the app (see Validating Receipts Locally), though it is still susceptible to cracking.

防止欺诈的最安全方法是通过将收据发送到您的服务器然后将其发送到Apple来执行服务器端验证(请参阅

The safest way to prevent fraud is to perform server-side validation by sending the receipt to your server then sending it on to Apple (see Validating Receipts With the App Store).

但是，请勿在应用本身中的应用商店中验证收据.欺骗网络请求并返回肯定的(有效的)结果真的很容易.

However, do not validate the receipt with the app store in the app itself. It's really easy to spoof the network request and return a positive (valid) result.

如果您发现从Apple报告中的实际购买与应用程序内购买分析之间存在很大差异(假设您已拥有)，则可能要投资于服务器端验证，否则，如果不是问题， ，不用担心.

If you notice a large discrepancy between the actual purchases in your reports from Apple and your in-app purchase analytics (assuming you have that), you may want to invest in server-side validation, otherwise, if it's not a problem, don't worry about it.