Step 1: You don’t. I am not ZDNet and refuse to explain to you how it is done.
The fact of the matter is, due to a hack by a Russian developer, it can be done. This isn’t good. Unlike other Apple-mishaps, a speedy statement needs to be given by Apple and the problem needs to be rectified very quickly. The jailbreak community is reasonably large, and — unfortunately — there are plenty of people that will try to steal stuff.
Individuals and businesses rely on in-app purchase revenue. As proprietor of the only method of selling stuff in the App Store, Apple has a responsibility to protect the people who build on their platform, sometimes unwillingly. If they don’t, app developers will be wary of using in-app purchases for their future projects; detrimental to an ecosystem that has come to depend on IAP for profitability.