Secure serial numbers
The licensing system uses an asymmetric algorithm to encrypt serial numbers. The number is encrypted with a private key that only the developer has. The protected product uses the corresponding public key to verify the serial number. Due to the length of keys used by the system (1024-bit RSA or higher), it is virtually impossible to derive the private key and create a key generator for the application.
Locking code to a serial number
VMProtect allows execution of parts of the program code on a virtual machine. The instruction set of the virtual machine changes with each build of the protected program. The licensing system allows encryption of parts of virtual machine instructions using a key stored in the serial number. Therefore, even if a hacker modifies a conditional jump in the program, the code will still not work without a valid serial number. Since code decryption is handled by the virtual machine, the decryption algorithm is difficult to analyze even if the serial number is available.
Limiting the period of free upgrades
The licensing system can write a date into the key so that all application versions released after that date will not work with the key. This mechanism allows limiting the period of free upgrades. For example, the current date plus one year can be written into the key at purchase, allowing the user to download updates for one year. The key will work only with versions released within that period. After one year, the user can either continue using the last compatible version or purchase another year of updates.
Key expiration date
The licensing system allows writing a date into the key after which it becomes invalid. This is useful for products that require regular updates. For example, the current date plus one year can be written into the key, and the software will work for one year. Unlike the free upgrade period, the user has no alternative here — a new license must be purchased to continue using the product.
Limiting program operation time
The licensing system allows limiting the maximum runtime of a program instance. This is useful for many demo applications. For example, a user can be issued a serial number that limits the program session to ten minutes. After that, the program stops functioning. This option is also convenient for server applications where restarting the program is not easily possible for the user.
Hardware locking
The licensing system allows the developer to obtain a hardware identifier of the user’s PC based on CPU, network card, and OS information. A serial number can then be generated that is valid only on that specific hardware. This option allows restricting usage of the application to one or several computers.
Black list
If a serial number is compromised, the licensing system allows adding it to a blacklist. A blocked serial number will not work in future versions of the application.
Data storage
The licensing system stores and provides the program with the following data from a serial number: user name, e-mail, and up to 255 bytes of arbitrary data (custom user data). This can be used to display additional information in the “About” window, implement additional checks for entered serial numbers, or store constants available only in the registered version of the product, and more.
Time-limited demo versions
With the activation system, a software developer can automatically generate time-limited serial numbers bound to the user’s hardware. This allows setting up a secure trial period (demo), since VMProtect does not rely on hiding trial markers on the user’s computer, but instead generates a working time-limited serial number. Activation is performed over the Internet, and the activation API also supports offline activation mode.
What the licensing system cannot do and why
100% secure hardware lock
Although the licensing system allows binding a serial number to a hardware identifier, most hardware data is obtained using operating system mechanisms, which can potentially be intercepted or modified. The licensing system uses various techniques to minimize this risk, but if you require a fully secure hardware lock, a solution based on USB keys (also supported by VMProtect) is recommended.