Prevent Casual Piracy for Simple Utility

Question

I've written a small utility that I wish to sell for less than $10.

My primary concern is "casual piracy". The scenario that plays out in my mind is this:

User buys the program, enjoys using it and tells their friends. The friends copy the application to their USB drives and take it home - using the application for free (maybe never realizing they should have purchased it.

Since I've got absolutely no protection built in, it would just be a simple copy'n paste to pirate the app. The users who would be using the app are in close proximity to each other (work in the same environment), so casual piracy would likely occur frequently.

Any ideas? Keeping in mind the app is cheap (partly to reduce casual piracy), and the level of effort to write the app hasn't been very demanding.

Update: the app will run on any system that supports .NET 3.5.

Answer 1

If your app will run on Windows 2000 and later, you could use Windows Management Instrumentation (WMI) to get some sort of hardware info such as MAC address.

Store this with your application and whenever your app starts, check that the MAC address is the same. If it is not you could gently ask the user to buy your app and/or close your app.

Keep in mind that the user may replace their network card and so quite reasonably will expect to be able to continue to use your application. Make sure you allow for this scenario.

This is a very low tech and easily bypassed way of piracy prevention, but would be very simple to implement.

See this question on how to get the Mac address using WMI (and the WinAPI).

Answer 2

To prevent the simple case how about forcing them to have a valid key that is a hash of computer name or mac address or something. I imagine that this is something similar to what Mo Flannagan of WindowTabs does. When you pay for the application you get a code. You copy and paste that code into the app settings area and it tells you that the code is valid and unlocks certain features.

I think this is a good combination of no-hassle and piracy avoidance.

Answer 3

A good place to start would be http://stackoverflow.com/questions/109997/. The main advice I'd give, is don't go in with the assumption that people are untrustworthy--assume trust, mostly. There will be pirating, but even if someone hits a red flag, don't attack them--otherwise, you may turn off any honest customers that hit weird situations. A light message just requesting 'please don't distribute this app' can do more to dissuade casual pirates than all the locks in the world--and strong locks can actually encourage people not to recommend your software.

Answer 4

I believe what you're looking for can be found in the Software Licensing and Protection services. There is documentation on MSDN here:

http://msdn.microsoft.com/en-us/library/bb931699.aspx

Answer 5

You could build the concept of an "account" system into your application that logs in with the "mothership" and then store their IPs for uniqueness.

Answer 6

This has been covered on SO before -- see here, here and here. Basically, the general consensus is that if people want to pirate your software, they will do so and there's really nothing you can do to absolutely prevent it. You can make their job more difficult, but ultimately if they're determined enough they're going to win. Even Microsoft can't stop illegal copies of Windows being distributed, despite having vast amounts of resources (both intellectual and monetary). I'd say to implement a few simple countermeasures (see above links) to at least make sure that copying your software is discouraged, and spend the rest of your time improving the software itself (rather than spending loads of time trying to devise a totalitarian piece of software that doesn't trust its users).

Answer 7

Here is my answer to a similar question: http://stackoverflow.com/questions/1417848/create-an-application-that-will-expire-after-a-trial-period/1417872#1417872.

Basically it (and the comments) advocate crippling your app in a way that prevents it from being used effectively but still allows it to be evaluated successfully (for example, by not allowing the user's work to be saved), and then allowing users to purchase a code that unlocks the full functionality.

Because each unlocking code is unique to each installed copy, it prevents casual piracy such as you describe.

Answer 8

The most trivial system I'd recommend for you is to set a registry key.

Then, on the running of your app, you check for the key. If it's not there, you recommend that they 'register' your app; and prevent whatever access you like on the basis of this being done. This will mean a simple copy of the file will still allow them to use it, and potentially buy it via the (possibly optional) 'register' option.

The registration would have them enter a name, and your server would then map this to a new unique ID it comes up with. Then, when the app is run on subsequent requests, if the server is online, it will check that the details they've provided match the key your server says they should have.

And, as is obvious, it won't protect against anyone who really cares to try; but that's not what you're asking for. The implementation I've described will also (to a degree) prevent someone writing a keygen. They could write a program that will query your own server for new keys, but you can prevent that, again, if you wish, via a trivial system of passing a key to the actual call to generate keys, before you process it (and have the facility to update this in all your legitimate apps).

In your case I think it's a quite trivial solution, and pretty easy.

Answer 9

As others have said, your best bet is to trust and respect your paying customers.

1. Consider pirated copies as adverising Unless your potential market is limited and you think your penetration will be very high, it's likely that even some of those who don't pay you will end up recommending your app to others who might.

2. Make buying your app easy and painless. Either make sure you sell through a reputable vendor, or if you sell/release it yourself make sure that they can pay with (something like)PayPal during the download or registration process. Many would never give you their credit card info.

3. Spend most of your time improving the app. As someone said, make your customers want to pay for your software. You'll enjoy it more, and ultimately probably do more for your success.

NOTE: I'm one of the few people I've ever met who bought licenses for WinZIP, mostly because it was so far ahead of any competition. But I only tried it based on a recommendation of an admin who never bought his license.

Answer 10

I have a simple solution for this. Send user key and CPU ID, MAC address and HDD serial (or more so if a part of the computer changes it will not cause problems) to an preferably https website which is logged to a simple database. A simple GET request will suffice and should be easy to implement. You can hash these data to protect customer identity. A single query can list shared use of keys. You should check in long time frames (weeks or months) to avoid problems that might occur from changes in computer. If you detect same key is used in more than one PC you can warn your customer. If he claims he doesnt know the pirate, send a new serial blacklisting the other.