Question

I have two applications:

  • A client that offers a user-friendly interface
  • A server that takes care of all the actual functionalities of the client.

The person that uses my application obviously uses the client, while the server application is stationed on a server computer. The two applications communicate using TCP.

I've got some premium functions in my client application that the person can only use if they pay a monthly fee by logging in.

Now, my question is the following: How can I prevent a person from downloading the client application and paying a one-month fee just to check what TCP packet the server sends to the client, so that they can then create their own application that sends that response over and over to the client to bypass logging in?

Is there any way to prevent the data that the server sends to the client from being read by the person running the client? Some kind of encryption?


Solution

What you need is authentication and authorization. The user has to log in with a password or something similar to prove their identity, and then you can decide if the user paid the fee and is therefore authorized to use the premium functions. If the request is from an unauthorized user, just respond with an error. Encryption is not really required, but it is obviously a good idea to encrypt all the traffic, especially because you are also transmitting authentication information. The easiest solution is to just use TLS.
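
The server-side check this answer describes, as an added example that is not part of the original post: login authenticates the user and issues a session token, and every premium request is authorized against the server's own subscription record, so a copied server response gives a modified client nothing to work with. The class name, method names and in-memory stores are assumptions made for illustration; transport (a TLS-wrapped socket) is left out.

```python
import hashlib
import hmac
import secrets
import time


class PremiumServer:
    """Hypothetical server-side state: accounts and sessions live only here."""

    def __init__(self):
        self.users = {}     # username -> (salt, password_hash, paid_until_epoch)
        self.sessions = {}  # session token -> username

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, username, password, paid_until):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, self._hash(password, salt), paid_until)

    def login(self, username, password):
        """Authentication: return an unguessable session token, or None."""
        record = self.users.get(username)
        if record is None:
            return None
        salt, stored, _ = record
        if not hmac.compare_digest(stored, self._hash(password, salt)):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = username
        return token

    def premium_request(self, token, payload, now=None):
        """Authorization: evaluated on every request, never trusted from the client."""
        now = time.time() if now is None else now
        username = self.sessions.get(token)
        if username is None:
            return {"status": "error", "reason": "not authenticated"}
        if self.users[username][2] < now:
            return {"status": "error", "reason": "subscription expired"}
        # The premium work itself runs here, on the server (placeholder operation).
        return {"status": "ok", "result": payload.upper()}
```
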

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow