How do you protect your commercial application from being installed on multiple computers with one license? [closed]
Asked Answered
R

7

15

How do you protect your commercial application from being installed on multiple computers from people who only own one license?

Do you think it's a good idea to have more than just a serial based scheme?

Reese answered 6/10, 2008 at 19:41 Comment(0)
R
14

The following method works well, as long as you have a public server at your disposal:

  • Serial based protection, user must enter a serial before using the program
  • On first serial entry, bind the serial to the MAC address and create an auth code generated from both of these values.
  • Check with your server to make sure the serial and MAC can be bound to eachother. Register the MAC on the server.
  • On each subsequent run, never contact the server again, but each time make sure the serial + MAC address matches their auth code.
  • If the user has no MAC address, allow them to run the program as long as they have a serial.

This gives you protection against someone simply copying the registry from one computer to another.

If the user tries to install with the same serial on another computer, the server will not allow you to bind the serial number to the MAC address because it is already bound.

It is not a perfect solution but it protects you 99% of the time.

Reese answered 6/10, 2008 at 19:58 Comment(3)
The customers for my last projects at work would likely not accept such a protection, because you cannot easily exchange the system or network adapter, and in the last project, they will likely not have internet access on the system. So it's sort of a specialized solution that won't work everywhere.Kubetz
Ya works nicer if your program is something that requires the internet. But you can just fall back on serial only if they don't have internet. Also you can setup a web service online for manual resetting, with a maximum value or make them contact support to reset.Reese
THis solution doesn't require the internet. You can still do activations over the phone where they dial the numbers you tell them.Whiffler
S
19

My general rules are

  • Huge deployments in commercial environments - Audit
  • Medium deployments of low value software < $1000 / seat - License key activation
  • Small deployments of high value software > $10,000 / seat - Dongles
Selffertilization answered 6/10, 2008 at 19:50 Comment(1)
We used key/e-mail combination with online validation for our products. In cases where the network wouldn't allow this we also had phone validation. The user pressed a certain key combination and would get back a code they read to us over the phone. We could then validate on our end and give them their key. The license was good for multiple users on one computer or one user on multiple computers; not both. (We'd collect a list of over than X number of validations and check this every once in a while.) Also, if you validated using an admin account it validated all users on the machine.Iselaisenberg
R
14

The following method works well, as long as you have a public server at your disposal:

  • Serial based protection, user must enter a serial before using the program
  • On first serial entry, bind the serial to the MAC address and create an auth code generated from both of these values.
  • Check with your server to make sure the serial and MAC can be bound to eachother. Register the MAC on the server.
  • On each subsequent run, never contact the server again, but each time make sure the serial + MAC address matches their auth code.
  • If the user has no MAC address, allow them to run the program as long as they have a serial.

This gives you protection against someone simply copying the registry from one computer to another.

If the user tries to install with the same serial on another computer, the server will not allow you to bind the serial number to the MAC address because it is already bound.

It is not a perfect solution but it protects you 99% of the time.

Reese answered 6/10, 2008 at 19:58 Comment(3)
The customers for my last projects at work would likely not accept such a protection, because you cannot easily exchange the system or network adapter, and in the last project, they will likely not have internet access on the system. So it's sort of a specialized solution that won't work everywhere.Kubetz
Ya works nicer if your program is something that requires the internet. But you can just fall back on serial only if they don't have internet. Also you can setup a web service online for manual resetting, with a maximum value or make them contact support to reset.Reese
THis solution doesn't require the internet. You can still do activations over the phone where they dial the numbers you tell them.Whiffler
A
14

Do you think it's a good idea to have more than just a serial based scheme?

Speaking as someone who has to install all kinds of software on all kinds of machines, do please spare a thought for the poor network administrators when thinking up your copy protection scheme. Please, please, consider network-wide installs when writing your installer - by all means include some kind of serial number protection, even make me phone up or contact your website and get an authorisation code to get a site-wide installer code or whatever, but please make sure your licensing code works. A good way to ensure your technically-superior-to-anything-else-on-the-market software doesn't get installed and used is to mess up the installer or have an install system that is simply too much trouble.

Austere answered 6/10, 2008 at 20:27 Comment(1)
Well put. Usable licensing is a feature.Ingles
C
5

Use machine-locked licenses or licenses requiring activation to lock licenses to specific machines. Instead of developing such a scheme yourself, consider using a ready-to-use one like CryptoLicensing which supports these features.

DISCLAIMER: I work for LogicNP Software, the developer of CryptoLicensing.

Cammiecammy answered 25/4, 2012 at 10:55 Comment(1)
Its for C#. What about QT?Distinguish
S
3

We use a MAC address plus license file approach. We have the customer send us the MAC address of their PC, then generate a license file based on that MAC address. We then send the file to them via email and then they load the license file into the program. The downside is that if people swap out network cards and you'll have to issue them a new license. It takes a little more bookkeeping to make sure people aren't always requesting new licenses, and a little trust in your customer base that they won't try to game the system too much. Depending on that trust level, you can add layers of encoding or encryption into the file so they can't easily duplicate the file. On the plus side, you don't have to implement or maintain any type of authentication server.

Spectre answered 6/10, 2008 at 20:20 Comment(0)
K
2

You can always use a USB dongle if the software is worth it. Of course, all dongle manufacturers claim that their copy protection cannot be broken.

The advantage of this method is that it allows the user to use the software on multiple computers, but only run on one at a time, and it is actually not such hassle like some sort of product activation. The disadvantage, of course, is that you cannot deploy your application completely electronically. Even though you might think the opposite, actually many customers seem to accept the use of a dongle, at least in the field I work in. It's especially useful if you expect your customers to use (and also install!) the software in a place where no internet connection is available.

Edit: I overread the serial-based thing in the original question. Note that even that may annoy users more than having to put in a dongle, and it's easier for you too because neither the customer nor you have to deal with that numbers. Plug in the dongle and the app works. However, the serial-only method is by far the cheapest.

Kubetz answered 6/10, 2008 at 19:46 Comment(0)
L
2

We use Orion from Agilis. For some of our users we do activation of node-locked licenses, for others they get their activation by a web page or email, and for others we put a license server on their premises. Orion covers all the bases we need.

Lanner answered 16/10, 2009 at 21:30 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.