What is software protection?
Software protection refers to measures that can be taken by a software developer to prevent unauthorised use of their software, enforcing their licensing agreement and using anti-debugging and anti-reverse engineering techniques to protect their intellectual property (IP) against theft.
According to the BSA at least 37% of software in use worldwide is pirated. This figure is significantly higher in Asia, Latin America and BRIC countries. This represents a huge loss in revenue to software developers.
Software piracy can take many forms. Unlicensed software can easily be distributed online or via peer-to-peer networks free of charge. Sometimes, illegal copies are made to look like the genuine product and sold for a fee. However, piracy can often occur when your customers exceed the terms of their licensing agreement by installing extra copies or allowing many users to use a single licence across a network.
Preventing Software Piracy
Piracy is prevented using a mixture of strong encryption and techniques to prevent debugging, analysing, tampering, dumping and decompiling of the developer's software. The central strategy of copy protection is achieved by strongly binding the protected software to a security token. This can be a hardware device such as a USB security dongle or a software-based key or lock that exists on the computer. If the security token is not present, or is compromised, then the software will not run.
Typically, asymmetric encryption such as RSA is used so that the protected software can securely communicate with the security token. The public key is stored in the protected application and the private key is stored in the security token. The tokens are designed with a very high level of security that can prevent extraction and modification of the contents of the token and cloning of the token itself.
Sometimes developers try to implement their own primitive copy protection systems based on some unique elements of the computer. However most, if not all, discover that this generates a huge amount of support and that to write such systems reliably and with enough flexibility for general use is very difficult. Not to speak of preventing debugging and reverse engineering of their software, which are advanced topics best left to the experts. Microcosm has spent over 30 years perfecting its copy protection systems and offers two solutions: Dinkey Pro, a hardware dongle-based solution and CopyMinder, a purely software-based protection system.
Software Protection Solutions by Microcosm
Both of our software protection solutions support two methods to integrate the protection:
The Shell method automatically adds a secure wrapper (a protective shell) to your application, forcing it to confirm the existence and status of the security token before the application is allowed to run. The Shell method also encrypts code and data in your software to prevent reverse engineering. With this method of protection you can apply software protection without modifying your source code.
The other approach is to call our protection API. This gives you flexibility on when to trigger a protection check and what actions to take depending on whether the token is present or the value of parameters securely stored inside the token. For example you can choose to terminate your program or run in demo mode if the token is not found. Or, you can decide which features of your program are enabled depending on data stored inside the token.
All of the licensing details inside the token can be updated securely and remotely. For example, you may use this to extend an expiry date or change which features of your software a customer can use.
You can use our software protection solutions to implement all kinds of licence models, including:
- One-off purchase
- Subscription/rental
- Secure trials/demos
- Network licensing (including controlling the number of users on a network using your software at the same time)
- Per computer/per dongle
- Feature-based
- Pay-per-use: controlling the number of executions of your software or of a command within your software