Software licensing mechanism without internet [closed]

Question

Closed. This question needs to be more focused. It is not currently accepting answers.

---

Want to improve this question? Update the question so it focuses on one problem only by editing this post.

Closed 6 years ago.

Improve this question

I've developed software that I want to protect with licensing. So far I've got code that uses the details of hardware components to generate a unique ID for each machine. I can then permit the activation of 5 machines against one single serial key (5 machines per license is what I'm selling).

This all works fine, but obviously only on machines that have internet connection. Is this just a limitation of this sort of protection and there's nothing I can do about it? Or is there a way I can tackle this problem?

NB: At this point, in this thread, I'm not open to critique regarding the way in which I've generated the unique ID, this is the method I've chosen and, rather ignorantly, need to stick by for a few reasons.

Answer 1

I think you have several options:

1. As described in the comment, don't make your license floating but machine specific by incorporating the unique IDs of all allowed machines in the key. Upon startup check the unique ID of the current machine against the key
2. Use your current approach but with the difference that the server is not on your side but on customers premise, i.e. a license server the customer needs to install somewhere.

3. Implement some kind of self check: Each running instance sends its unique ID into the network and in turn listens for the unique IDs of other running instances. The first instance that receives more than four unique IDs via the network shuts itself down. I guess this could be implemented using UDP broadcasts. The implementation of this is not that trivial:

   • You need to make sure that exiting one instance and starting a new one right afterwards doesn't lead to a shutdown elsewhere.
   • Furthermore, you might want to implement a check that the machine is indeed networked

   If I were to implement something like that, I would introduce the following three package types:

   • Start: Instance just started and broadcasts its ID for the first time. All other instances need to broadcast their own ID as an answer. The reason for this is twofold:
     1. Fail fast
     2. Ideally, the instance that has been started last should exit if the maximum number of allowed instances has been exceeded. It would not be ideal if one of the already running instances would shut down.
   • Periodic: All instances periodically send their unique ID, just in case a previous transmission was missed
   • Exit: If one instance is closed it tells this fact the other instances

In all cases, you should think about encoding the number of allowed instances into the key, so you can later hand out differently sized keys.

Answer 2

Make it a requirement to have central licensing server. Each program on startup registers with that server. The server tells the client if it can start or not. In case of 5 programs are already started, the program refuses to start.

when the program stops, it tells the licensing server again that it's license is not needed any longer.

Job done. No internet required.