What is a suitable licensing model?

[makcakaya]

Hello Daniel;

How can I implement a sound licensing model (at a reasonable level) using Portable.Licensing? There are few considerations about the model I am looking for:

• User should be able to install the product to another machine and continue to use the license there. The old installation's license should be disabled though.
• User should not be allowed to use the same license from multiple machines at a time.
• User should be able to download license when the license is missing.

Should I utilize license Id and some kind of machine based property to validate the license with a server?

What is your suggestions for this kind of requirements? Does this sound right to you? I am not experienced in licensing so I am looking for your advice.

I can create a tutorial based on your suggestions and contribute to the project so that others can follow the tutorial and get an insight on how to implement a real-world licensing scenario.

Thanks for the great library and your precious time.

[dnauck]

Hello @makcakaya,

with this kind of requirements it looks like your user needs a permanent connection to your license server.

The first point is easy, the user just needs to copy the old license file to the new installation and can continue to use your application. But how do you want to determine that the old installation is invalid? Even with an online check.

One thing you can do is to generate a hardware id on the first run of the application and register the license id + hardware id on a license server. If the hardware id changes disable the old one. What is if the user uses virtualization and just clones the VM?

To detect multiple uses of your application on the customers site you could used UDP broadcasts. But they are easy to block or just won't work if your customers has multiple networks for each office, etc.

As you can see its not just easy to archive this checks as they just annoy your customer more then they help you.

Maybe you can tell me a bit more about your application (e.g. is this a client/server app, or a web app, etc.) and we can find out what is the best solution for your.

[makcakaya]

Daniel thanks for your answer, it is really appreciated.

To be clear we have a Windows Service application that serves as a web service, let's call it A. And we have a WPF application, let's call it B, that consumes A's web service and serves as a web service to the next mobile application. Mobile application, call it C, consumes B's web service and runs on Windows CE. They all communicate over TCP and HTTP.

As you said, we don't want to annoy our customers too much. We don't actually need absolute protection against illegal use, a reasonable level of protection is fine for us.

I thought of a license system like this: The license client will poll the license server every X minutes and the server saves the last poll issued by the client. If server detects a poll in less than X minutes after the last poll, illegal use is detected.

When the licensed application is started, a random number is generated, and the random number is used as a delay before making the first poll. This way, if multiple instances of application is started (even at the same time, random number helps here), the time between each poll received by the license server will be less than the expected x minute. And we can invalidate the related license.

Does that sound reasonable to you?

Again, thanks for your time.

[GeertvanHorrik]

We have written a layer around this component that sends out the UDP packages. It can even tell them which computers (and users) are running so you know who to ask to shut down the software ;-)

See https://github.com/WildGums/Orc.LicenseManager

You are probably interested in this:

https://github.com/WildGums/Orc.LicenseManager/blob/develop/src/Orc.LicenseManager.Client/Orc.LicenseManager.Client.Shared/Services/NetworkLicenseService.cs

[makcakaya]

Thank you. I will have a look :)