PROTECTION PLUS ENHANCED COMPUTER ID ALGORITHMS

 

Protection PLUS has the ability to “lock” your software to the computer on which it is activated.  By taking a “fingerprint” of certain hardware pieces of the computer during activation and storing this fingerprint (or Computer ID) in the License File, the application can verify the Computer ID on subsequent executions in order to determine if it is still running on the same computer.  This mechanism stops a user from activating the application and copying it to multiple computers still fully activated.  There are two Computer ID implementations in Protection PLUS:  Legacy Computer ID Algorithms and Enhanced Computer ID Algorithms.  

Overview

The Legacy Computer ID Algorithms allow the developer to select a limited number of hardware and operating system items to bind, including the following: (1) Windows Product ID key; (2) the format serial number of the hard drive; and (3) the MAC Address of the network card.  A single Computer ID number is generated from all the selected algorithms; therefore, if any one of these items changes, then the Computer ID becomes invalid.  This can cause unwanted support for re-activating a customer after small hardware changes such as reformatting their hard drive.  While the Legacy Computer ID algorithms are still present to allow backwards compatibility, they have been deprecated and replaced with a newer mechanism.

The Enhanced Computer ID Algorithms (EID) have replaced the Legacy Computer ID Algorithms by providing a more robust implementation to lock an application to a computer.  The EID utilizes 17 pieces of hardware and operating system items in addition to a “vote” system to determine if the application is running on the same computer.  When an application is activated, a Computer ID number is generated for each of the 17 hardware-binding items, and each of these Computer IDs are stored internally in the License File.  A single 32-bit Computer ID is then generated from a subset of the configuration data and this "single ID" is ultimately used for activation purposes, just like the Legacy Computer ID Algorithms.  Note: Only the 32-bit "single ID" is available for use through the API the 17 different configuration items are currently not accessible.   

The individual hardware items are assigned a vote weight: a value between 1 and 9.  Certain items which may change frequently are assigned a smaller vote weight while items which would rarely change are assigned a higher vote weight.  For example, the memory size is assigned vote weight of 2 as it may change more frequently than the motherboard information which is assigned a weight of 9.  When an activated license is validated, each individual hardware item is calculated from the current PC configuration and compared to the corresponding hardware item in the License File.  If the value for an item has changed the vote weight for that item is added to a total vote count.  Once all items are compared the total vote count is checked to see if it is less than a threshold value specified by the developer. If the total vote count is greater than the threshold value then the application is not running on the same computer on which it was activated.  Major hardware items generally have a vote weight of 9 and lesser items will have a vote weight between 2 and 3. We strongly recommend a threshold value of 20 which allows two (2)  major hardware changes and one (1) minor change.

One of the hardware items is the physical serial number of the hard drive.  Since a computer may have multiple drives, each drive’s serial number is retrieved and when the application is activated all the drive serial numbers (up to four drives) are stored in the License File.  On subsequent license checks each current drive’s serial number is compared to each serial number in the License File to find at least one match.  This allows the user to add hard drives without the invalidating the license.  If at least one drive in the PC matches the drive list in the License File the vote weight for the Hard Drive serial number is not added to the total vote count.  If no drive matches are found then the vote weight is added.

Once every 90 days has passed and the PP_COPYCHECKTH function is called using the Enhanced Computer ID Algorithms and the hardware data is within the threshold value, this hardware data in the License File is overwritten by the current computer’s hardware data.  This allows the user to make gradual hardware changes to their PC without risking deactivation of the license.

 

Flowchart describing Computer ID Number comparison

 

 

Changes to Protection PLUS Functions

The following Protection PLUS functions have been modified accordingly:

PP_COMPNO:  The type parameter now accepts COMPNO_ENHANCED (65536) as a Computer ID type.  This will generate a single LONG (32-bit) number using the Enhanced Computer ID Algorithms.  This number is used for the User Code 2 field when activating by phone or with SOLO.

PP_COPYADD:  The flags parameter now accepts COPYADD_ENHANCED (4).  By using this flag, the current hardware algorithms are acquired from the PC and stored individually in the License File.  You can only store one Enhanced Algorithm Computer ID in the License File at one time.  Using this flag will replace the existing Computer ID in the License File.

PP_COPYCHECKTH:  The flags parameter now accepts COPYCHK_ENHANCED (4).  By using this flag, the current hardware algorithms are acquired and compared individually to the Computer ID data stored in the License File.  The total vote count is processed and compared against the threshold.  If it is greater than the threshold, the function will return PP_FALSE, otherwise PP_TRUE is returned.  The comp_num parameter is not used and may be set to 0.

PP_COPYDELETE:  If the comp_num parameter is set to COPYDEL_ENHANCED (-2), the Computer ID data is deleted from the License File.

PP_COPYGET:  The slot parameter now accepts COPYGET_ENHANCED (-1), which will return the single LONG 32-bit Computer ID from the License File.  

The EZTrial and EZTrigger functionality is described below under the LFEdit section.

PP_TRANSFER:  Pass the flag PP_TRANSFER_ENHANCED (-1) in the comp_num parameter to effect a license transfer using the Enhanced Computer ID Algorithms.

 

 

 

LFEdit Changes

When using LFEdit and either EZTrial1 or EZTrial2, there are new options under the Product Definition-EZTrial tab in the Hardware Binding section:

 

No Hardware Binding:

When using EZTrial, the Computer ID is neither used nor checked to validate a License.

 

 

Legacy Algorithms:  

Select this option to use the previous Hardware Binding Algorithms.  Used for backwards compatibility.

 

 

Enhanced Algorithms:

Will cause EZTrial and EZTrigger to automatically utilize the new Enhanced Computer ID Algorithms.

 

 

 

Vote Weights

As annotated in the overview, each piece of information used in the Enhanced Computer ID algorithm has a vote weight, which is defined as the number of votes when the given piece of information changes.  Below is a list of what pieces of information are gathered by the Enhanced Computer ID Algorithms and what their respective vote weights are.

 

Hard Drive Format Serial

4

MAC Address of Network Interface Card (NIC)

9

Windows Product ID

4

Bios Revision Number/Date

3

Computer Name

1

Processor Information

9

Processor Speed

3

Memory Size

2

SID

4

Video Card

4

Hard Drive Model

9

Hard Drive Serial

9

Motherboard Model

9

Motherboard Serial

9

CD/DVD Drive

3

Sound Card

4

Domain

6

 

Behavior