views:

1248

answers:

6

How do you protect your commercial application from being installed on multiple computers from people who only own one license?

Do you think it's a good idea to have more than just a serial based scheme?

+2  A: 

You can always use a USB dongle if the software is worth it. Of course, all dongle manufacturers claim that their copy protection cannot be broken.

The advantage of this method is that it allows the user to use the software on multiple computers, but only run on one at a time, and it is actually not such hassle like some sort of product activation. The disadvantage, of course, is that you cannot deploy your application completely electronically. Even though you might think the opposite, actually many customers seem to accept the use of a dongle, at least in the field I work in. It's especially useful if you expect your customers to use (and also install!) the software in a place where no internet connection is available.

Edit: I overread the serial-based thing in the original question. Note that even that may annoy users more than having to put in a dongle, and it's easier for you too because neither the customer nor you have to deal with that numbers. Plug in the dongle and the app works. However, the serial-only method is by far the cheapest.

OregonGhost
+9  A: 

My general rules are

  • Huge deployments in commercial environments - Audit
  • Medium deployments of low value software < $1000 / seat - License key activation
  • Small deployments of high value software > $10,000 / seat - Dongles
RichH
+3  A: 

The following method works well, as long as you have a public server at your disposal:

  • Serial based protection, user must enter a serial before using the program
  • On first serial entry, bind the serial to the MAC address and create an auth code generated from both of these values.
  • Check with your server to make sure the serial and MAC can be bound to eachother. Register the MAC on the server.
  • On each subsequent run, never contact the server again, but each time make sure the serial + MAC address matches their auth code.
  • If the user has no MAC address, allow them to run the program as long as they have a serial.

This gives you protection against someone simply copying the registry from one computer to another.

If the user tries to install with the same serial on another computer, the server will not allow you to bind the serial number to the MAC address because it is already bound.

It is not a perfect solution but it protects you 99% of the time.

Brian R. Bondy
The customers for my last projects at work would likely not accept such a protection, because you cannot easily exchange the system or network adapter, and in the last project, they will likely not have internet access on the system. So it's sort of a specialized solution that won't work everywhere.
OregonGhost
Ya works nicer if your program is something that requires the internet. But you can just fall back on serial only if they don't have internet. Also you can setup a web service online for manual resetting, with a maximum value or make them contact support to reset.
Brian R. Bondy
THis solution doesn't require the internet. You can still do activations over the phone where they dial the numbers you tell them.
Chris Lively
Chris, good point, thanks.
Brian R. Bondy
+2  A: 

We use a MAC address plus license file approach. We have the customer send us the MAC address of their PC, then generate a license file based on that MAC address. We then send the file to them via email and then they load the license file into the program. The downside is that if people swap out network cards and you'll have to issue them a new license. It takes a little more bookkeeping to make sure people aren't always requesting new licenses, and a little trust in your customer base that they won't try to game the system too much. Depending on that trust level, you can add layers of encoding or encryption into the file so they can't easily duplicate the file. On the plus side, you don't have to implement or maintain any type of authentication server.

bsruth
+6  A: 

Do you think it's a good idea to have more than just a serial based scheme?

Speaking as someone who has to install all kinds of software on all kinds of machines, do please spare a thought for the poor network administrators when thinking up your copy protection scheme. Please, please, consider network-wide installs when writing your installer - by all means include some kind of serial number protection, even make me phone up or contact your website and get an authorisation code to get a site-wide installer code or whatever, but please make sure your licensing code works. A good way to ensure your technically-superior-to-anything-else-on-the-market software doesn't get installed and used is to mess up the installer or have an install system that is simply too much trouble.

David Hicks
Well put. Usable licensing is a feature.
Michael Petrotta
+1  A: 

We use Orion from Agilis. For some of our users we do activation of node-locked licenses, for others they get their activation by a web page or email, and for others we put a license server on their premises. Orion covers all the bases we need.

sotwr9