whitespace COMPANY whitespace SERVICES whitespace PRODUCTS whitespace PURCHASE whitespace SUPPORT whitespace CONTACTS whitespace Home whitespace Contact Us whitespace Site Map whitespace
whitespace
SUPPORT
whitespace
FORUM
whitespace
FAQS
whitespace
SUBSCRIPTION
whitespace
REQUEST ON-LINE
whitespace
whitespace

Technical Support Forum

Welcome Guest Search | Active Topics | Log In | Register

Anti-Piracy Strategies for Developers Options · View
alexk
#1 Posted : Thursday, November 19, 2009 4:16:50 PM
Rank: Administration


Groups: Registered

Joined: 7/28/2009
Posts: 55
Location: Ukraine, Lviv
Hi Everyone,

Anti-piracy strategies allows us to track piracy and detect how much of our application installations are legal.

How to enter market and not loose sales in first day ?

First of all you should be ready that your application can become a subject of piracy. Be prepared, integrate into application copy-protection system.

Three main points:
- any device based copy-protection that works localy on device without server side can be easily compromised and as a result cracked.
- Server side, or better call it On-Line activation is the only way to control installations.
- Server side logic can be adjusted to support "black-lists"

Pros and Cons of On-Line activation:
- by firewall or by proxy software application can be redirected to the wrong web site, for example pirate one. (MINUS)
- by applying secured protocol of exchange HTTPS and checking certificate that risk can be eliminated. (PLUS)
- application requires INTERNET permission (MINUS)
- all major vendors already switch own protection to On-Line activations, so end user will well understand what for it's required. (PLUS)

We are saying that On-Line activation is the only way to put piracy under control.

What to use for activation as UNIQUE identifier ?

We suggest to use IMEI also known as Device ID (in some cases device ID is not the same thing as IMEI). Why IMEI?

First of all IMIE uniquely identify device and police can use it for tracking device and find owner of the phone.
Second point is "compensation risks" that end user will feel. For example: end-user bought phone for 600$ (USD) and will that user risk by own device? In most cases NO. Maximum cost of application that exists on Android Market is less then 57$. Most applications cost 1-3$. So compensation working, if user install 5 stolen application in total cost 15$, then he got a risk to loose 585$.

I personally do not know a lot of people that ready to risk such money.

How to track piracy ?

It's simple: difference between activations and sales give you a number of pirated copies.

Can be piracy risk eliminated completely ?

Short answer - NO. But we can reduce it, and make close to 1-3% percents.

Why Android Market Piracy exists ?

Android Market is a pre-installed application on most Android phones. Users will start to use it first, and only if it's completely broken, will start to search another utility/alternative.

Android Market is not the problem. Problem exists in chain between software vendor and end user.

End User Buy --> Android Market client --> Android Market server --> Google Checkout --> Vendor

Information that can prevent piracy are on end-user hands. It can be transferred by Android Market client to server part, but who knows?! Android Market is a closed-source application.

In case of using Alternative markets, can be build process that successfully implement anti-piracy chain:

1) End User Buy --> Alter Market client --> Alter Market server --> Payment System --> Vendors Server --> Activation key reservation for End-user.

2) End User device --> Get Reserved key from Vendor Server
ArtfulBits Team
Product Director
alexk
#2 Posted : Thursday, November 19, 2009 4:38:06 PM
Rank: Administration


Groups: Registered

Joined: 7/28/2009
Posts: 55
Location: Ukraine, Lviv
What About "How to enter market and not loose sales in first day" ?

Strategy is simple.

First Step - end-user wants to try your application and don't want to pay money for that. So we have two choices here:
- trial version of application with some kind of limitations (period of time, functionality)
- and "lite" version.

Second thing to do is publish application on alternative markets. Not all users have access to Android Market, but many of them want to try something new.

In case of trial version we should go to the next step: protect application from pirate copies. As I said before On-Line activation for today is the only way to do it right.

How to catch pirates ?

We know several successful strategies for today.

1. Honey Pot

It's a simple way. Vendor make special leak of software version and during activation process collect "black list".

It's not a rule, your software can be stolen without your interest in that. In that case you should be ready to convert stolen version into "honey pot".

2. Do versions often

Second successful strategy is to create new versions often and during building of new version change inside it copy-protection security/keys.

Each new version will use own keys for protection, that after release of the 10 or more versions will make on web very hard to find proper key to proper version.

BTW the most secured way to create licenses is to use RSA algorithm. Application contains only public key and can decrypt license (key/activation data) from server where stored Private key. In license should be placed information about device that request that license, otherwise it can be compromised.
ArtfulBits Team
Product Director
Users browsing this topic
Guest
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Company | Services | Practices | Technologies | Career | Contacts | Privacy
© 2005-2016 ArtfulBits. All rights reserved.