Additional security for multiple products

Along with the update of SKGL Extension (see release notes), we’ve added support for signing of product id (pid), user id (uid) and activation date. These fields solve the following problem that was reported by a user:

Before, it was possible to use the same KeyInformation file (serialized by SaveKeyInformationToFile) to unlock other products (that used the same Public Key, i.e. by the same software vendor). For some, it worked out by specifying this information in the Notes field.

This change mostly affects those that use offline key validation or some sort of periodic activation with multiple products in the same account. By checking the product id during activation/validation, you can ensure that only the correct key information object is used for a given product.

In addition, the activation date is currently signed also. This means that the client user is unable to change the activation date, which ensures that activation files are only valid for a certain period of time. A tip here is to try to use the TimeCheck method.

If you would have question about the way you can take an advantageb of this security measure, please send a question on our forum.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.