Thursday, December 25, 2008

Regarding Software Protection

In every software system there are two ends of the spectrum: those who use the software and those who develop it. The users want reasonably priced software that delivers the results that they expect and were promised. They also want software that is as easy to use as possible, with as few hassles as possible, be it in using the software or setting it up. The company that develops the software wants to create the solution that the customers want, at a profit level that is reasonable for what they are doing.

It seems like a perfect picture from here, but as the real world would tell you, people tend to be greedy. They tend to want to get something for nothing, that is, to pirate software: to purchase one copy and install it on all of their machines. Now not everyone is like that. In fact, many corporations who have software licensed to them carefully ensure that they have the right number of licenses to match the number of people using the software. But what if you are a small startup company? Would a corporation follow licensing terms, or will they risk it, figuring that the smaller company doesn't have the resources to follow up and litigate if piracy is suspected and/or proven? Furthermore, if you are developing an application that is used by the mass public (consumer software), the piracy rates are staggering!

In developing software, we want to reduce or eliminate piracy or unlawful copying of our software because of the reductions in revenue and profit, as well as our inability to account for our user base, which compromises support and service of our software. Many solutions to curb piracy have been suggested; I will go over a few and discuss the pros and cons of each:

License Key System

The license key system argues that we simply assign a license/serial number to each copy of the software that we distribute. This key could be attached to an individual or organization as well as licensing details (for instance, the number of computers it can be installed onto). The user must then enter that key into the software upon startup, and that is all there is to it.

Pros:
  • Minimal hassle on the part of the user, simply enter the code provided and go
  • Highly reliable licensing system, as all the user needs to know is the key, there is nothing that can malfunction directly, so long as the key is valid
  • Since all of the customer details are "attached" to the key, then if we see pirated copies popping up with that particular key, we know who to go after

Cons

  • License violation is difficult to track and find if the key is not published in some open form (i.e. on the web), and the key is shared amongst secretive individuals
  • Quite easy to install "unlicensed" copies of the software by using simply one "licensed" key, since the system cannot tell whether this is the first time the software is being installed or the millionth

Product Activation System

The idea behind this system is that upon using the software for the first time, and perhaps every now and then, the user is prompted to activate the software online, or over the phone if no internet connection is handy. Essentially, coded data containing unique identifiers (hardware details, software details, user details) is sent to a computer, or to an operator for that matter. If the software is installed on multiple computers without authorization, the system could quickly detect this, as the unique identifiers for the activation would vary significantly.

Pros:

  • Tracking "pirated" copies of the software becomes easier because now the serial number is attached to machine-specific information that is checked every time the software gets installed. If significant changes are noticed, a red flag is waved and we can figure out if piracy is in fact occurring on that license

Cons

  • Adds an additional hassle to the installation process as the user must go through this activation system before they can ever use the software.
  • Most activation systems don't work perfectly 100% of the time, and frustrating some users may cause hardship and distrust that could destroy a customer relationship and future sales
  • What if the company producing the software with activation goes bust? How will licensed customers maintain access to their rightfully licensed software if the mechanism allowing entry disappears?
  • Additional cost is strapped to the software company producing the software as most activation schemes offered have fixed monthly costs, in addition to new license setup costs
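
An added sketch (not code from the original post) contrasting the two schemes described so far: a license key can be validated offline but cannot count installs, while an activation server ties each key to machine details and flags a key seen on more distinct machines than it is licensed for. The key format, the signing secret, the one-component tolerance rule and all names are assumptions made for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # assumption: vendor-side signing key

def _tag(payload: str) -> str:
    return hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()[:16]

def issue_key(customer: str, seats: int) -> str:
    """License key = customer details plus a MAC, so the details are 'attached'."""
    payload = f"{customer}:{seats}"
    return f"{payload}:{_tag(payload)}"

def parse_key(key: str):
    """Offline check: (customer, seats) or None. It cannot count installs."""
    try:
        customer, seats, tag = key.rsplit(":", 2)
        if not hmac.compare_digest(tag.encode(), _tag(f"{customer}:{seats}").encode()):
            return None
        return customer, int(seats)
    except ValueError:
        return None

def same_machine(a: dict, b: dict, tolerance: int = 1) -> bool:
    """Treat a small hardware change (one swapped part) as the same machine."""
    changed = sum(1 for k in a.keys() | b.keys() if a.get(k) != b.get(k))
    return changed <= tolerance

class ActivationServer:
    def __init__(self):
        self.machines = {}  # license key -> hardware profiles seen so far

    def activate(self, key: str, hardware: dict) -> str:
        parsed = parse_key(key)
        if parsed is None:
            return "invalid"
        _, seats = parsed
        known = self.machines.setdefault(key, [])
        for i, profile in enumerate(known):
            if same_machine(profile, hardware):
                known[i] = hardware  # remember the upgraded profile
                return "ok"
        if len(known) >= seats:
            return "flagged"  # more distinct machines than licensed seats
        known.append(hardware)
        return "ok"
```

The tolerance is where the "hassle" trade-off lives: set it too low and a legitimate hardware upgrade is flagged, set it too high and two different machines pass as one.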

Hardware Dongles

The idea behind the hardware dongle is to tie the software to something physical, something that cannot be readily copied or moved over. The hardware dongle is essentially a small device that looks like a USB thumbdrive or, alternatively, the end of a parallel port. It plugs into the computer that is running the licensed software, and the software will check for the dongle, which contains the encryption codes needed to unlock the software. If it doesn't find the dongle, the software refuses to run.

Pros

  • Eliminates the need for any hassle when setting up or using the software on the computer, as all you need to do is make sure the dongle stays plugged in during the use of the software
  • The dongles themselves can and have proven to last a very long time. In the world of software, if a dongle can last 10 years of use or more (which most can), then it can withstand the test of time, as by then that software would be considered far obsolete. Many are covered by lifetime warranties
  • Software piracy becomes theoretically impossible under this system as the dongle (physical licensing mechanism) can only be used on one computer at a time, and if the licensed software checks the dongle frequently enough (say 10 times a day), then it would become very impractical in most cases to have any sort of widescale piracy. Machine (computer) specific data can be loaded onto the dongle to prevent someone from moving the dongle to other computers in close proximity and hence defeating the mechanism

Cons

  • What happens if the dongle gets lost, damaged, or stolen? The downtime that the end user would face in waiting for a new dongle to arrive is one thing. But what if you cannot get a new dongle for the customer, say if the company making the dongle goes out of business or no longer makes such a model? What if the software maker is out of business?
  • There have been tales of disgruntled workers and employees stealing the dongles from their employers and as a result causing significant damage
  • What happens if a clever end user claims their dongle is lost or stolen, but in fact is lying to you and will use the "lost" dongle to license another machine? How can you prevent this "lost" dongle from being used again to license another computer?
  • The software company has to pay a fixed fee per user to get a dongle created

Software As A Service (SaaS)

The idea behind this licensing strategy is that we rethink how we do software. Rather than providing the user with a disk and telling them to install it on their computer and have that software run locally as a desktop application, we provide all the software and solutions they need online for them to access anytime, provided they have an internet connection.

Pros

  • Minimal, if any, hassle on the part of the user, just navigate to the software online and access the content you are licensed to
  • All of the "magic" that makes the software tick becomes a black box that lies on a server in a secure environment, meaning proprietary secrets remain secrets
  • Piracy becomes a thing of the past because license validation now occurs online on your end (i.e. server side), so each time someone wants to access the software they must already be enrolled in the service before we can grant them access
  • The solution can be made arbitrarily reliable, as need be, and this licensing scheme is quite scalable
  • Since the customer is subscribing to the software as a "service", they will receive updates to the software, and as a customer they receive more attention as they remain perpetually active clients with us
  • License enforcement costs are zero!

Cons

  • All of the information is now being stored remotely so you have to trust the other party providing the service to be mindful of this and to make sure all safeguards are in place
  • What if the business providing the service goes bust? Since they hold all of the data, not to mention the application, it could all vanish into thin air. Agreements and contingency plans, however can mitigate this risk significantly.
  • The cost of the software you are using via this scheme isn't fixed, but based on a monthly or annual price schedule which can scare those who don't want to be tied to a software system that has unknown quantities.

Summary

In looking at all of the license options, I have come to the following conclusions:

  1. If you can afford to do so, consider Software as a Service (SaaS), since it is the solution that minimizes the hassle for your end users, while ensuring absolute license compliance.
  2. If users are wary of the "cloud infrastructure" concept and insist on desktop software, then you are left with two feasible options; you must then weigh the first three options provided. What you must determine is your piracy-to-hassle ratio, that is, how much piracy you will tolerate in comparison to the hassles your users will experience with the licensing strategy used. For instance, the hardware dongle solution can significantly reduce piracy, but at a hassle to the user of having to deal with damaged or stolen dongles.
  3. No licensing solution (except perhaps Software as a Service) is foolproof. Hardware dongles, activation systems, license keys: they are all vulnerable to attack, and once cracked the game could very well be over. If you take the aggressive licensing strategies (i.e. hardware dongles or activation service) and the licensing system gets cracked, all you have is frustrated legitimate users who had to put up with such schemes.

Whatever you do, try the licensing techniques out before you end up using them and shoving them down your customers' throats. Companies like Intuit, the makers of Quicken, have learned this the hard way. Go over to the manufacturers' websites, try out their solutions, and demand free trials and demonstrations, because then and only then can you determine what solution will work best. Ask the manufacturers the tough questions that your end users will ask of you and your licensing scheme. For instance, a good question to ask the hardware dongle makers is what provisions they have in place should my company go belly up and my customers be left with lost, stolen or damaged dongles.
