Licensing your own software

Hi there,
What do you commercial developers use to license your software. For example to be able to run time limited trials etc.
I came across - PluginXojoQLRT - Protect and License Xojo Applications (http://www.excelsoftware.com/pluginxojoqlrt)
But haven’t had a close look yet… anyone else used it? or can provide better solutions.

A lot of us roll our own system. It allows for greater flexibility, and by not using the same codebase over and over again it marginally slows down those interested in piracy. I use my own online activation system; it ties into my shop and makes purchasing/activating quick and easy for users. (my setup example)

There are some existing solutions out there. I know of at least one person using Paddle.

I will add that I don’t know anyone using the solution you linked, and that wrapping apps is easily defeated - older BigFishGames being a prime example of how easy it was.

Like Tim, we built our own content protection and keycode activation system. That gives us total control and allows for maximum flexibility, so we’ve been able to adapt the system to meet the unique and evolving needs of our partners and their customers.

[quote=178184:@Adam Martin]Hi there,
What do you commercial developers use to license your software. For example to be able to run time limited trials etc.
I came across - PluginXojoQLRT - Protect and License Xojo Applications (http://www.excelsoftware.com/pluginxojoqlrt)
But haven’t had a close look yet… anyone else used it? or can provide better solutions.[/quote]

All depends the kind of licensing you ultimately need and the distribution you envision. Most people here have used their own schemes. That allows a much greater flexibility, and could minimize chances that a pirate attacks the scheme. After all, why spend much time on a proprietary scheme, when cracking something standard opens much many more apps. The main advantage of a ready-made solution is simplicity, though : instead of having to come up with your own complex code, you just apply an instant recipe. That can be the best way to go if you feel your programming skills may not be up to the task.

RBLibrary has a few articles on this. (RBLibrary seems to load slow for me, but it does work. Sometimes you need to reload the site to get it to load) @Norman Palardy runs this site as far as I know.

Creating a Registration Algorithm
http://great-white-software.com/rblibrary/index.php?main_page=product_info&cPath=14&products_id=25

Serials
http://great-white-software.com/rblibrary/index.php?main_page=product_info&cPath=2&products_id=73
http://great-white-software.com/rblibrary/index.php?main_page=product_info&cPath=2&products_id=106

Trial versions
http://great-white-software.com/rblibrary/index.php?main_page=product_info&cPath=2&products_id=105

We distribute our most popular software with a site license, so it was necessary to come up with a routine that would discourage users from sharing their activation information (our own concoction) with other users. What we decided on was incorporating their company name into our activation routine under the premise that they would be less willing to share their activation information if they also had to provide their company name as part of the activation routine.

We provide them with an activation code that, in part, contains a portion of their company name. In addition to entering their serial number, they also have to enter their company name and our activation routine will validate the activation code against the serial and company name (plus some other stuff). Their company name is saved and in the event they send an email requesting assistance or encounter an error, it will send us the company name along with their serial number.

It seems to work very good as a piracy deterrent and much less troublesome than an online activation routine - tried it and ran into nothing but problems. Especially in companies that have their internet locked down. You can imagine buying an application online, downloading it in minutes, and then being unable to activate it because you can get the online activation to work. Even if it’s their problem, they will blame you, and that’s exactly what they did.

Designing a good activation routine it tedious and takes great care and time, but if you are selling commercial packaged software, it’s worth investing the effort.

Hi everyone, I apologise for bumping an ancient thread, but I’m a new user so I’d like a chance to participate in the discussion. I am currently planning to publish my software. The software is intended for use in companies so I need to make a licence verification procedure for several computers in the same office so that each one has to pay for it’s own licence and not share one.

My idea was to read the hardrive ID and incorporate it into a request code. Then, upon paying, the user will submit the request code, and a PHP algorhytm on my website will calculate the activation code. This code will be written in a local file upon first activation. So everytime starting the program on the local machine it will read the hard drive ID and the same local algorhytm in the program itself will calculate what the activation code should be and then cross check it with the one in the file.

This is still an idea, and since I don’t have much experience with this I’d be glad if any of you could give me some comments.

That is similar to a system that I use, where various computer and private key information is encrypted and stored on each machine. however I email the activation code instead of having it server based…

I use my GuancheMOS plug-in. Sometimes just that for code reg generation/validation. Other times, in combination with other techniques, but using the data provided by GuancheMOS as the main-unique code.

Javier

one problem I see here is that if for any reason the software maker disappears (this happens …), and the customer wants to reinstall the software after he changed the computer (this happens too …), the customer can’t…

@Christian Schmidt wrote a Blog Post which I think was inspired by this Thread. Because his Xojo Blog is always worth a visit and the latest Article fits this Thread, I recommend it here and now. :slight_smile:

No that thread and my blog post are not related.

MBS Plugin have thing that can help on licensing.

E.g. sign data with digital certificate. Or calculate serial numbers, query details on computer and checking in local networks.

Anyway; always worth a read (and a mention). :wink:

You’re right, it’s better for the PHP script to send an email instead of displaying the info.

Good point. Well, in case I decide to give up my software career I suppose I will make a code generator program and send it to all my customers.

some of this xojo forum users (I know of one…) died in a car crash… not sure you will have time to write a code generator program …

https://forum.xojo.com/31988-rip-amando

My software uses the same style that Dave uses, and my work is used in corporate and personal applications and some of IP protection is really high.

For those who are concerned about a programmer leaving their company, I find that it is mandatory to create a small verification and key generation application. Although I can go through my old code and try and remember what I did for the algorithm, the license programs for each application has made it easy to maintain older programs.

Emailing a file that is generated by the program with information such as hard-drive id’s and other information is easy for the user and lowers the chance of errors when typing in a 24 byte key. :slight_smile:

Not what I do… I send the email, the code that creates the key the I manually email is the same code that is compiled into all my projects

what he said :slight_smile:

@Miloš Ignjatovi?
You can make something like Windows Activation does. Your client (end-user) enters app key, key is validated locally in your APP, then pass that key and other metric data like is hard drive serial number, network mac, imei and so on to your back office server.

Your server end validate request and if it’s okay then send back respond in form of value which is made from metric data in encrypted form.

You can use PKI (x509 certificates) to protect data in app and per user as well. This would add your extra security on your app since before internal licence validation you will first validate certificate and if certificate expire or not valid then next step in validation process will stop and break with error.

Also be aware that hard drive can be cloned so beside taking a hard drive serial number it’s better to gather more information’s regarding to different hardware info such as motherboard, network and wifi adapters.

What are peoples thoughts on using a dongle?

Unless your software is several thousands of dollars per seat, it’s not terribly practical. Dongles have their own set of problems, the least of which is driver issues as they are a hardware device connected usually through a USB port.

I did this with the HASP dongles 20 yrs ago and we decided they were too much of a support hassle for the project parameters.