I have made a POS System for a client of mine using MS Access Server-Client approach.
He asked me to brand his software to allow only a certain “number” of users (cashiers) to access the POS System, and must be determined to the license his client will buy.
EX: 10 User License = 10 Cashiers ( not necessarily 10 users, it can be 30 users, shifting) = it means 10 PCs will be installed with the client software I made.
How and where do I put the logic that will determine if it is licensed or not.
What I have done:
I have created a serial key generator using Name. Problem is it can be duplicated once you give than name+serial combination, it would still work.
I am counting the number of users logged at a time. This could be problematic as I am using MSAccess and not MSSQL. I have scrapped this idea,
He also asked me if I could just put serial+mac address combination. That I could do but he will have a hard time implementing it and selling it if he needs the mac address of every computers to be installed with my POS.
I am at lost on what can I do. Would like to ask for tips and suggestions.
Thank you.
1
The task you are trying to perform is called “license management” and the tool you are looking for is a “license manager” program.
You can find a few different license manager programs out there but, even better, you can also write your own with a relativly small effort.
Most license managers are just webservices (nowadays they are almost always RESTful webservices, like the one you can esily create with Sinatra, for example) that performs these basic steps:
- Accept a request for an authorization key from a client program (that resides on the same LAN or on the Internet).
- Give the client an authorization key (taken from a pool of keys), if any key is available in the pool.
- Get back the key (this is a metaphor. Actually, the license server just reset the key after a pre-defined period of time).
The client program, on its side, requests the key when it gets started and gives it back (deletes it) when it stops.
Of course:
- You have to be able to trust both the license server and the client program. The server runs on a server machine that you control, so it is easy to trust it. The client program must be compiled (closed source) in order to keep any “hacker” from creating a new copy of the program that never deletes its keys.
- Client and server must be able to communicate through a LAN or on the Internet.
The server must be under your control or must be linked to the hosting machine in some way (usually using a hardware key).
Hope this helps.
3
Tying licencing to MAC addresses isn’t perfect (since the software could run on a virtual machine or use some other kind of MAC spoofing), but it isn’t necessarily unduly onerous. You just need to create a utility which he (or a reseller) can run on the target machines which harvests the MAC addresses and creates a digitally signed license file.
You could also consider using a hardware dongle.
Whichever licensing scheme you come up with, any reasonably clever user could circumvent.
Why don’t you hard code the user limit in the software, and, generate separate versions for 10,20,30 user licenses.
1