大约一个月前，我买了一款名为鲸鱼尾部在Google Play上销售。今天，当我试图在地铁上玩游戏时，它要求验证游戏的许可证，并没有这样做（因为地铁上没有互联网连接），关闭游戏。当我回到家时，我看看游戏的"权限" 选项卡，并看到了这个：
似乎这是一个内置于Google Play的功能。所以我的问题是，这个"许可证检查" 如何工作？应用程序多久使用这款"功能" 手机回家来验证，确实是我不是一个肮脏的海盗窃取这些开发人员的应用程序？
About a month ago I bought a game called Whale Trail during a sale on Google Play. Today, when I tried to play the game on the subway, it asked to verify the game's license, and failing to do so (since there was no internet connection on the subway), shut the game down. When I got home, I took a look at the game's permissions tab and saw this:
Market license check
Can check if you have a license for this application from Market
It seems like this is a feature built into Google Play. So my question is, how does this "license check" work? How often does apps using this "feature" phone home to verify that indeed I'm not a dirty pirate stealing these developer's apps?
You can choose when, and how often, you want your application to check its license and you have full control over how it handles the response, verifies the signed response data, and enforces access controls.
So yes basically whenever the developer wants it to. I'd imagine the most common time to check is when the application is first opened.
Your application does not query the licensing server directly, but instead calls the Google Play client over remote IPC to initiate a license request. In the license request:
Your application provides: its package name, a nonce that is later used to validate any response from the server, and a callback over which the response can be returned asynchronously.
The Google Play client collects the necessary information about the user and the device, such as the device's primary Google account username, IMSI, and other information. It then sends the license check request to the server on behalf of your application.
The Google Play server evaluates the request using all available information, attempting to establish the user's identity to a sufficient level of confidence. The server then checks the user identity against purchase records for your application and returns a license response, which the Google Play client returns to your application over the IPC callback.
Obviously this is all done online so if you're offline then it won't work. If I was writing the application I would have a counter to let the person to use it offline 3 times or so before having to go online to get the license check in order to stop the kind of thing happening to you where you can't play offline. Of course if someone digs into the file where the counter is stored they could change the value back to 3 tries every time they use it and never have to pay but that's probably beyond the technical competence of most users.