Tuesday, May 04, 2004

Software Registration

rackproof Your Software: Protect Your Software Against CrackersFrom JOS' discussion board, a developer asks how best to prevent piracy of his application:

I am trying to come up with a software registration system. I am debating whether it is good or not to lock the application to a single PC (if possible at all)... I have a few methods in mind for registration...

* One registration method requires you to be connected to the internet. The connection might be needed for a few seconds either the first time you run the app, or every time you run it. This essentially is to make sure only one copy of the registration code is alive at any given point. So if you distribute the app to your friends, all of you can't run it at the same time.

* Another method requires me to generate a different (unique) binary everytime someone buys the app. I am not sure how I would send this binary to the customer though. I guess I would create it automatically, and then create a link only for that customer to download as soon as the credit card info is entered (i.e. the sale is closed). After the app is downloaded, the binary and the link will be deleted. This looks pretty involved though.

So based on your experience, what kinds of "maintenance" headaches would these methods create? I am pretty new to this registration stuff. I wish I didn't have to deal with it, but looks like I have to...

We use a paid registration code for our Personal Edition download (free, but some advanced features expire after a trial period). The code gets emailed to the user automatically after a purchase.

When the user enters the registration code into the client software, the program will attempt to report back to the central server. This report includes the code, the internal and external IP addresses, user-name, and other basic registration information. If the user isn't online, the program will wait a few days and try again later.

If we receive multiple notifications from a bunch of different IPs that all use the same code, we know some piracy has occurred. We gently notify the original purchaser that they are responsible for distribution of the code... and that's usually as far as it gets.

The Joel on Software Forum - Software Registration

No comments: