Is Sharing Really Caring? Not If It’s Your Password29th March 2021
10Duke 101 – Understanding the Basics of 10Duke Licensing20th August 2021
Software Activation – The Good, The Bad and the Modern
Introduction to Software Activation Methods
Software Activation is a technology designed to verify that a software product has been legitimately licensed for use.
The first commercially available ‘non-bundled’ software was sold by mail order in 1975 and developers did not need to worry about how to activate software. The programme arrived by post as lines of code printed on paper that had to be typed out manually. Fast-forward to 2021 and although leveraging software is much easier than it was 46 years ago, software activation solutions are inconvenient and slow and have fallen behind modern ways of working.
Traditional software activation methods that use a product key can introduce a lot of friction into a software business. However, the emergence of cloud computing systems has created new, more reliable ways to on-board legitimate end-users.
If you are a developer or an ISV, find out how implementing the right software activation methods could help you to future-proof your business.
What is Software Activation?
Software activation is a process designed to prevent a developer's software from being copied or used illegally. Products that require a software activation key usually cannot be installed or run until a valid activation code is entered, and it is therefore a way of enforcing software licence agreements with end-users. Sometimes the activation code is linked to the serial number of the device, a cd or an instance of the software.
The software activation key (or product activation key), is usually a string of characters that includes a mixture of letters and numbers. The most basic software activation methods involve a database of software activation codes. Codes are sent to the end users who enter them into the program or installer manually. Activation codes can be included with boxed software products, sent out with confirmation emails, or delivered through technology such as license servers.
How Software Activation Works
Software activation boils down to a simple license check. If a valid license is available the application starts. If not, the user is alerted to enter valid credentials or upgrade their account. The installed software either stores the product activation key locally and checks whether it is valid or invalid, or for more modern cloud-based activation methods, the software periodically checks online to determine access rights.
Outdated Software Activation Methods - a bad example
Pinnacle studio 24 is a creative video editing software. A perpetual license costs £114.95 without offering a free-trial - unlike most of its competitors. The boxed version of the software is physically shipped to the consumer and it comes with a time-consuming 12-step installation process.
The activation key, which has to be entered manually, is located on the disk drive and is therefore not available when the disk is in use during installation. The end user license agreement is signed by the user half-way through the installation process and users are also advised to switch off their virus protection software temporarily. Upgrading or re-installing the software includes locating and deleting hidden computer files.
If the verification mechanism fails due to detected changes in installed hardware or operating systems, the programme may stop working suddenly. In the event of a lost or damaged disk, or a key that stops working, a legitimate software user will have to wait for new software or product keys to be shipped, generating more frustration and potentially even incurring unnecessary financial loss.
For software developers this difficult activation process not only creates customer support tickets, but also ultimately does not offer much protection from copyright infringement. The ISV or developer also has no way of ever knowing whether distributed software has been activated.
In the world's most famous thought experiment, physicist Erwin Schrödinger described how a cat in a box could be assumed to be both dead and alive until the box is opened and the actual state of the cat is confirmed. Software activation, at its very worst, plays out this uncertain predicament, potentially indefinitely.
With outdated software activation methods, such as boxed software products sold with an activation key inside the box, it may not be possible to verify the activation state of software. Developers can’t just look in the box - they don’t even know where the box is. This leaves ISVs and developers in the uncertain predicament of not knowing whether a software activation still needs to be supported.
A More Modern Way - Spotify
Spotify is an online music streaming service that provides a great example of good software activation. Users access the software via the web and can download the software for off-line listening on up to 3 devices. They can also run the software via the web app from almost anywhere in the world and a free-trial version is available before committing to buy the premium version.
Accounts are tied to a user’s digital identity via a verified email address and Installed software is node-locked to tightly control the number of permissible installations. The combination of node locking and identity-based licensing enables Spotify to not only track where their software is installed, but also who is using it. Floating software licensing ensures that concurrent usage is virtually impossible. Users are granted one license, which follows them seamlessly across devices and browsers, however because the Spotify app ‘calls home’ whenever an internet connection is available, users are prevented from running more than one instance of the software at a time.
End-users can self-manage their accounts through an online dashboard, and in the event that a device is no longer working, has been lost or stolen, or if they simply decide to transfer the download to different hardware, they can easily deactivate an installation at the click of a button and free-up the installation for a different device.
Once the 30-day trial period ends, users are automatically downgraded to the free plan and can continue listening without any disruption, however the premium features will no longer work until their account is upgraded. The Spotify software activation process is seamless, efficient, secure, automated, agile, fast and user-friendly. Unlike the Pinnacle example, there are no support tickets for developers or shipping physical hardware, free-trials can be used to increase conversion rates and up-sell products - without frustrating end-users.
The Basics of 10Duke Licensing
With 10Duke it’s easy to replicate the world-class software activation process used by companies like Spotify, Netflix and many other leading-edge software service providers, simply by integrating our APIs into your software apps. Free-trials are supported, not just for new users, but also to showcase individual product features to existing customers, regardless of whether they are connected to the Internet or not. You can also integrate your preferred payment provider to accept online payments and automatically upgrade or down-grade accounts.
Automatic issuing and de-provisioning of licenses is a hassle-free way of ensuring that free-trials can be used to grow revenues, while at the same time ensuring that a software product has been legitimately licensed for use. Access to licensed applications is always secure and convenient, helping to protect the intellectual property of the software industry, but with the least impact on paying clients.
How 10Duke license activation works
End-users access your software products through a simple online user-interface. The interface is provided by 10Duke, but is white-labelled and can be completely customised to suit the individual requirements of each ISV or software developer. You decide what information to collect from anyone that accesses your products, whether payment details are required in order to access a free-trial, when and how the license agreement is signed and much more.
The 10Duke Identity Provider API takes care of user account creation. In order to create an account, users are required to provide an email address and a password, and the interface can be set-up to increase online security by enforcing password best practices. For enterprise licensing environments, account creation can be strictly limited to a specific corporate domain or even a specific email address. Social sign-in can be enabled for corporate and personal users, making it easy for your customers to sign-in to your applications using their favourite social log-ins like Facebook, Twitter and Google. You can also allow your customers to serve themselves when they forget passwords or login details, rather than them having to wait for a response from your IT team.
The 10Duke Identity Provider (IdP) is responsible for authenticating the users held within its database any time they try to log in to an application. The IdP sends information to other applications so that they can determine whether software should be allowed to run. From here the 10Duke Entitlements API takes over.
The Entitlements API works in tandem with the IdP by checking the permissions of authenticated users and allowing features and functions to run only when the correct permissions are in place. Granular licensing permissions can be set and managed through an online admin console in order to fine tune licenses to best reflect how customers use software. In effect, that software activation and the issuing of a license are bundled into the same step, making it much easier for you to administer and for your customers to access your application.
If you are not using web-based licensing, then you are not really protecting software at all. Product activation keys are not effective in preventing copyright infringement or preventing unlicensed usage. They are also somewhat inconvenient for end-users as well as software developers and can easily be shared or misplaced. By creating a difficult and time-consuming software activation process, legitimate software users are punished even though copyright infringements are not prevented. If you have created a successful software product, there is a good chance that someone will try to crack it using a key generator, and they will more than likely succeed eventually. What’s worse, you have no way of knowing if this happens.
When you tie software activation to a digital identity you hold your end-users more accountable, but at the same time grant them more freedom and a more modern user experience. Traditional software activation methods do not offer the same degree of flexibility as 10Duke’s identity-based access and can sometimes even prevent legitimate users from accessing a product.
Software activation at its very best involves eliminating software downtime and reduces friction when onboarding new users. It also removes uncertainty and speculation for ISVs - no more Schrodinger's cat! With a cloud and ID-based software licensing solution from 10Duke, you remain in complete control of your software products. Your software IP is protected and you can maintain oversight regarding who is accessing what and when.
Are you a software developer looking to sell more? Learn more from our guides:
You might also be interested in:
Software Activation is a technology that verifies a software product has been legitimately licensed for use. Learn how to do it effectively.