How do I copy-protect my Java application?

cragiz picture cragiz · Sep 5, 2010 · Viewed 26.3k times · Source

I want to sell my Java application using PayPal. When a payment is received, the customer is mailed a one-time download link to my application.

My question is, how do I prevent people from sending the .jar file to their friends/uploading it on the internet?

Obviously I need some kind of check in the application which only allows it to run on one computer. And that's another problem, I don't want a customer to have limitations on one computer, they should be able to run it at home and work etc.

Maybe some kind of cd-key would do the trick? Is there any cd-key resources for Java out there? Or should i build my own algorithm? Here comes yet another problem, reverse engineering..

Please help me solve this :)

Answer

Michael Petrotta picture Michael Petrotta · Sep 5, 2010

The most common way to handle this is: customer gives you money, you generate a unique unlock key and provide that to the customer. The key should be a valid unlock key, and it should encode identification information about the user. Customer uses that key to install on as many of their computers as they like, or is allowed by the license.

Don't worry about reverse-engineering. Your product, if it's at all popular, will be pirated - you'll find unlock keys online if you look hard enough. If you like, you can take that as a compliment - someone liked your software enough to steal it. Cold comfort, I know, but the alternative is to get in an arms race with the pirates, and you won't win that. In the end, a few percent of the population will steal software, and you can't do much about that. You can use the key's identification information, if your scheme is strong enough, to trace who released the key in the first place.