absolutely !
if you know how to program an arduino, and make it communicate with a computer, just buy some of these tiny85 based arduino, and it can become your own dongle, with minimum programming, and low price.
there are some on ebay for 5 , worth a try IMHO
https://www.ebay.com/itm/Digispark-Attiny85-tiny85-USB-A-mini-arduino-development-board-kickstarter/172170003474
@Steve Kelepouris
I just described what you can do with this combo device.
So, basically you get 2 in 1 device which is smart card reader (with smart card inside of it since it has sam slot inside) and usb flash storage.
On smart card you can store certificate and/or other client licence information’s - that depends which and what kind of smart card you will use - is it just memory card or its MCU smart card with some micro cpu in it.
Smart card is protected with PIN code so if they miss 3 times, smart card went out and they need to request replacement of it.
So that is side A.
Side B is classic data storage part which you can manage like you want.
I just give you a tip that maybe is possible to create read-only partition where you can store data which are for example software drivers, installer of your application for windows/mac/linux and other part of usb storage space (2nd partition) you can leave empty or you can use it for any kind of usb storage device 
… put your imagination.
Using Arduino is good but time dev consuming and can lead you to other issues and problems in production use.
[quote=364205:@Steve Kelepouris]Jean-Yves, that wifi device looks great! - I have thought about using wifi for the connection a while back, some of the devices I looked at seemed a little bit expensive but the esp8266 looks like it could provide an inexpensive solution regarding proximity.
[/quote]
the dev module is really affordable.
https://www.ebay.com/itm/WeMos-D1-Nodemcu-CH340-ESP-12E-12F-ESP-12S-WiFi-Development-Board-Shield-Adapter/272662723052
you can also try with a more powerful esp32 (has wifi and bluetooth, but arduino like IDE programming is still “young”)
https://www.ebay.com/itm/ESP32-ESP-32S-NodeMCU-Development-Board-2-4GHz-WiFi-Bluetooth-Dual-Mode/272963262409
for the key generation method:
generate a random serie of bytes, send them to the stick, make some one-way filter using a known-by-you-only method, and return another serie of bytes. compare inside your app. if not valid, quit.
make a request at different places of your app, it should work enough for a simple but efficient protection.
Ok, thanks.
So are you guys: Jean-Yves and Bogdan agreeing, or at least see some merit in using a dongle rather than online internet validation?
@Steve Kelepouris
Nope we don’t. We just trying to give you good advice’s and tips so you can make something on your own
I have one point of view and Jean has a 2nd so you have two options.
Regarding to validation over internet I wrote that also few days ago on this topic as well - please scroll up and look up for it too
I hope we help you to find right solution for your needs after all.
Thanks Bogdan, I really appreciate that.
I may well in the end come to the conclusion (like many others) that the dongle idea is gone and past it’s usefulness, superseded by better methods.
But I sure appreciate the time spent and the options given. Things for me to think about.
Cheers.
You can go with 1. in combination with extra option using internet activation if you want.
Why? If bank’s and other companies are using then why wouldn’t be good for you as well
Tomorrow you can make variation by simple changing a smart card type (memory, mcu and etc.) but usb stick with smart card stay or even if you can’t get them you can connect classic smart card reader and use again your made code to do licensing of your clients.
Have a lot of fun and keep walking forward!
O yea, & cheers mate
seeing that:
then the dongle solution I gave you is not old fashion for me.
Thanks for that Jean-Yves - your ideas and solutions have made me feel more positive.
So, lets get back to the licensing. Lets’ say that I have the dongle scenario all worked out (but forget about the wifi option at this stage), then what?
I release the software with a “timed” limit. I think the standard would be around 30 days? During that time (on start up) the user is warned how many days until the trial ceases - pretty standard stuff. I’m not 100% sure how to code that though, so I’ll need some help.
The countdown warning will always inform the user that they will need to contact me to order the dongle if they wish to continue to use the software in it’s complete state. By that, I mean that the trial version will be fully functional, but after the trial period ends the user will only be able to import, export and analyze data files. They will not be able to use the recording function without the dongle.
Maybe that is being too generous, but I think that if the recording function is disabled, then that may be enough of an incentive for the user to consider buying the software (dongle).
The hardware device pictured above is a working prototype. If someone actually said “hey, cool - can I buy one of those” then it would take some time to put another one together. Therefore I have to be careful about how I approach “releasing” anything.
So, how do I make a trial version with 30 days limit? I know I could do it via creating an individual version of the program for each potential user, but I’m sure that isn’t best practice.
it would be easier to allow some functions only when the dongle is present, and no time limit at all
but I don’t know your software, may be it would be allow too many things and the customer will not buy ?
FYI Dondles are nowadays very easy to crack. They now just copy the dondles data (including the code it runs) in a dongle emulator (which even emulates the dongle cpu)
On a side note: The very first dongle emulator was for the uncrackable Steinberg Cubase.
The current most used dongle is PACE which is already cracked with the same emulation technique.
Not sure a dongle is worth it. Even for very expensive software.
[quote=364454:@Christoph De Vocht]FYI Dondles are nowadays very easy to crack. They now just copy the dondles data (including the code it runs) in a dongle emulator (which even emulates the dongle cpu)
On a side note: The very first dongle emulator was for the uncrackable Steinberg Cubase.
The current most used dongle is PACE which is already cracked with the same emulation technique.
Not sure a dongle is worth it. Even for very expensive software.[/quote]
Back in those days when we worked with Autocad on MS-DOS, “Cracker” had already working “Dongle Copys” before 1 valid customer had a “real Dongle”.
To me, it looks like a lot of people are very suspicious to there customers.
A very simple software key will stop 99% of the kiddies. And after that there are 2 possibilities:
What would you rather like, Millions of users (50-50 paying/pirating) or 100 of users (and 100% paying).
Every hour you put in grand piracy schemes is loss for you.
And every more or less complicated anti-piracy system, bugs your customers 
[quote=364454:@Christoph De Vocht]FYI Dondles are nowadays very easy to crack. They now just copy the dondles data (including the code it runs) in a dongle emulator (which even emulates the dongle cpu)
On a side note: The very first dongle emulator was for the uncrackable Steinberg Cubase.
The current most used dongle is PACE which is already cracked with the same emulation technique.
Not sure a dongle is worth it. Even for very expensive software.[/quote]
his target audience is very limited, and the customers almost all know each other.
no craker will lose time hacking his software.
he can put the security level he wants, by randomizing enough the dongle access, ( for example ask dongle only the first sunday between 14 and 16 with random bytes #214) the cracker will need lots of time to record all his dongle and make a clone.
and again, small audience, so a dongle fits perfectly for this.
for large audience app (like cubase) dongles sucks .
@Greg O’Lone Believe me or not: 20 years ago I was working at the Alladin - HASP supportdesk.
I can’t believe that my previous post on this thread was almost 1yr ago!!! . . .
I’ve been working on my code and therefore the licensing issues have been pushed to the background. However, I think I’m closer to it this time, but things have become more complicated.
My Software includes a Hardware Device, therefore I have to look at this in a “different light” than purely just licensing the software.
This is where I’m at:
[1] Xojo Software
[2] Electronics Module
[3] Physical Hardware (ie. wood, metal, plastic, etc.)
My view is that [1], [2] or [3] should be able to be purchased as individual items. Therefore in doing so, there are 8 possibilities. The extremes are nothing at all (0), or everything (7).
[1]+[2] equals the Dongle type scenario - this is good and works well.
My Brother who has been my main “Alpha” tester has put it to me that I should sell the “whole” thing as a"solution. Yep, I get it, but I want versatility and be more liberal in that any/every component has merit.
I have put a “weighting” to the 3 components, and through that process, the value of the whole scenario makes my main Xojo Software seem almost worthless (but it’s certainly not). I can look at [2] and say the same thing, but that took a lot of effort as well.
So, in the end I can’t restrict the Hardware [3], (and don’t care, no big deal), I CAN restrict [2] the Electronics Module (other software), that’s fine, but I really need to be able to restrict certain functions of my Xojo Software [1], BUT that can be dependent on the other options: [1] and/or [2]. I think my Xojo Software is the only place it can be done.
Damm damm dammm difficult. In any case, I don’t expect an exact solution for this - because there is none. I appreciate that my question is also extremely difficult for anyone else to follow. The only way I can see forward is to make the user license my Xojo Software - in a non-complicated way, but maybe a simple key (old-school method) would be good enough.
For whom?
Yeah, well that is a good point Markus. Initially it makes it easier for me! but in the long run should also serve the user well.
What I’m trying to do here is have maximum flexibly whilst retaining control. Both of those criteria are at opposites and therefore makes my particular licensing requirement difficult to implement. Also as pointed out above, I have three components to consider.
As an example, the physical hardware [3] would be around the size of two standard briefcases stacked on top of each other (I think I’ve just come up with a new unit of measurement :)). The electronics [2] which is part of the hardware is already acting as a dongle.
At this point, if you purchased the entire apparatus: [1]+[2]+[3] you would need to plug in the hardware device (2 x briefcase sized dongle thingy) to use some of the extra features of the software. That would be very annoying to the user.
So perhaps offering another small dongle (teensy) for “remote” use could make sense. This would also enable someone to purchase the software+teensy dongle, independent of the hardware. A big plus.
It’s also important to point out that this a semi-professional scientific piece if kit. As such, there are not many easy alternatives. It’s not like downloading some image editing software - don’t like it - move on to the next one. It’s a specialised market with limited alternatives. Therefore the users would be more likely to wait a few days for the dongle to come via snail mail.
I’d prefer no reliance on internet access because what I’m wanting, is to create a stand-alone dedicated device AND be able to sell individual components. I realise I can’t have it all, what I’m looking for is a reasonable compromise which also protects my Xojo software to an acceptable level.