It's the same reason you basically have to "repurchase" IAPs when you get a new device. There is no way for the developer to track that information and get you your rightful bits.
This has been going on long enough that I don't think Apple is going to do anything about it, either. I think they'd rather developers take the hit than have their customers get ugly interactions, even if they deserve it for pirating the games.
With IAP the developer can also retrieve a receipt from the device that can be verified by Apple's servers (process different in the Mac App store). This does not apply to the original purchase of apps from the store, only in-app purchase.
It's how Steam does it.
What I mean by "repurchasing" IAPs: Every app I've interacted with forces you to go through the motions of purchasing IAPs when you get a new device. You aren't actually charged, since Apple knows you already bought the item.
I also fully recognize that my familiarity with these APIs is cursory at best.
Or, more cynically, they know they can get a bunch of press (and thus, more sales) by "shutting down" the game temporarily while they implement the authentication layer.
This would also give the developers the ability to track the receipts and know if it had been hacked and shared. If the same receipt is being used to connect 100s of times simultaneously then it's time to ban a user. So while the IAP method isn't perfect, it would make it a lot harder for casual piracy to succeed.