After your software is activated on a customer's computer, it is very common for you, as a publisher, to want to maintain some level of control over this license. Whether you want the ability to revoke a customer's license who let a subscription expire (or otherwise has failed to pay), or you want to allow customers to securely transfer a license from one computer to another, the one thing that you must do to protect yourself (especially when your software is running in an environment that you do not trust) is periodically validate each computer's license.
Presumably, as in the case with the SoftwareKey System, the software was activated on each computer with some type of serial number or License ID, and each time this is done, a unique identifier associated with this specific PC's instance of the license is also established. I will call this second unique identifier an "Installation ID." Periodically validating the Installation ID with a central licensing authority is the secret behind the control.
"There is very little control that can be enforced without some type of license validation process."
When deciding on rules for entitlement validation business logic, a software publisher must consider that licensed software can be run from many different places, such as:
It can be challenging for a software publisher to figure out the best balance of license validation rules for each of the environments listed above. Here's a method we've found that works well.
One quick way to handle the last two (usually the most difficult) scenarios in the list above is to create Different Policies for Different Customers, based upon the level of trust with your customer as well as the overall cost of their software licenses. For example, we often hear that people generally trust government agencies who would fall under #6 above.
The easiest way to address the top four working environments mentioned above is to create a three step validation interval with escalating urgency in messaging:
For example, a software publisher may begin validating a license 7 days after it was last validated. It can fail silently for 14 days when it can then begin to warn the user for 7 days before finally locking the software license. If at any point during the process, the license is successfully validated, the timer resets and the process starts over from the beginning.
"If at any point during the process, the license is successfully validated with the server, the timer resets and the process starts over from the beginning with the Fail Silent period.
Although it may be tempting to set up your software to perform Fail Silent validation requests on every execution or throughout multiple actions inside of your software, failure to adequately cache your license status and appropriately validate your software license can have an adverse effect on the overall responsiveness of your central licensing server, affecting all of your customers.
Each software publisher and customer may have different business goals and requirements for using your licensed software. Building a three-step validation interval provides a good framework for protecting your software while keeping your customer informed about license validation requirements. Please feel free to contact us if you would like assistance determining the best license validation interval policies for your company's software.
Mike Wozniak is one of the co-founders of SoftwareKey.com and responsible for marketing, content and product strategy. When he isn't plotting new ways to help customers solve licensing and business automation challenges, he likes to travel and entertain guests who come to visit the Orlando area. He also writes most of the licensing tips here.
Protection PLUS 188.8.131.52 Released with New Support for Consumption-Based Licensing and More!
Licensing Plug-ins for Other Applications: 5 Tips
Drive Sales and Customer Retention with Thorough Testing
How to Satisfy Widely Diverse Customer Licensing Requirements
How Your Software’s Environment Affects Copy Protection and Software Protection
Product Activation: Fingerprints, Copy Protection, Disconnected Computers