Category: Software Licensing Best Practices

Adding Cryptolens SDK Into a Rhino 3D Plugin

The goal of this blog is to explain the 5 easy steps on how to add Cryptolens SDK into a Rhino 3D plugin. If you want to install our software license manager for a Rhino 3D plugin, please also check out our blog on how to get started in .NET. You can find that post here.

This blog will mainly cover how the steps in theory, and if you want code examples, please read the full documentation page for Rhino 3D plugins. We also show code examples in the following YouTube video:

5 simple steps to add Cryptolens SDK into a Rhino 3D plugin

Step 1 – Download the SDK

In our example, we create a plugin based on Rhino 8. When you have your project open, please follow this link to download our SDK on GitHub.

When on GitHub, click on “Releases” and choose the latest release. There are two versions to choose between. “Cryptolens.Licensing.CrossPlatform.zip” can be used if you expect to target platforms other than Windows. Normally, we suggest to try downloading “Cryptolens.Licensing.zip” and checking if all the features you need are supported.

Step 2 – Extract the folder

When you have downloaded your desired file, the next step is to extract the libraries. You will see that we have all of the binaries for all of the platforms on the downloaded file. For this tutorial, we will be using “netstandard.2.0”.

When in the “netstandard.2.0” folder, please copy the folder’s path link.

Step 3 – Dependencies

In Solution Explorer in Visual Studio, right-click on “Dependencies” under the name of your project. In the new menu, click on “Add Project Reference…”.

Step 4 – Browse

In the new window, click on “Browse” in the left menu. Now, click on the “Browse…” button in the lower right corner. In the “File name” field, please paste the folder path that you copied in step 2.

You should now be able to see the file called “Cryptolens.Licensing.ddl”. Please select that file and click “Add”. That should take you back to the original window, and simply click the “Ok” button to complete the step.

Step 5 – Install Newtonsoft.Json

The final step is to install Newtonsoft.Json using NuGet. To do that, right-click on “Dependencies” once again under the name of your project. This time, click on “Manage NuGet Packages…”

In the new window, change to the “Browse” tab and search for “Newtonsoft.Json”. When you find it in the search result, please install it using the down-arrow icon to the right. Click “Apply” in the window that pops up.

Code examples and full implementation

A good step to do next would be to build the project using our key verification code to see if everything is working. We suggest checking out the YouTube video above or going to the full documentation page.

Thank you for reading, please reach out to us if you have any questions!

Subscription VS Usage-based licensing

Do you want to license and sell a software product? Then you might be interested in understanding the differences between subscription VS usage-based licensing. The two licensing models are beneficial in different ways, and we will in this blog give you guidance on what to choose.

If you want to read more about licensing models, please read our help pages. We made the following video covering subscription VS usage-based licensing:

When to choose usage-based licensing

First of all, what is usage-based licensing, and how does it work? Usage-based licensing is when you charge a customer for a specific action. For example, you might sell software to photographers where they can edit photos. Instead of charging your customers a subscription fee once a month, you can charge a customer per photo that they edit in your software.

One benefit is that you can charge the customer more fairly. Enterprises that use your software every day pay a high price. Startups that use your software once in a while are allowed to pay a lower price.

So when should you opt to charge per usage instead of a subscription fee? The value that your customers get from your product must be highly correlated to the specific action you want to charge for. This simply means that the actions you charge for need to provide a lot of value to your customers.

Your editing software from the example provides value to your customer only when the customer edits a photo. Therefore, it is appropriate to consider usage-based licensing for such a software product.

When to choose subscriptions

Great! But when is it not a good idea to charge customers for certain actions? We covered earlier that usage-based licensing allows you to attract both small and large customers since they can have their own prices depending on their usage.

If you are selling multi-purpose software where you cannot find one specific action that gives all of your customers a lot of value, subscriptions can still allow you to charge customers different prices.

By implementing different pricing plans with different feature sets, you can motivate enterprises to pay a higher subscription fee to get full access to your product. Startups can then get a more basic version without all of the features at a smaller price.

Cryptolens makes it effortless to license and sell any type of software application, no matter if you want to implement subscriptions or usage-based licensing.


Get Started with Cryptolens Today!

Different types of software licenses - Cryptolens

How do you implement a Software Licensing System?

When you are thinking about licensing and selling your software product, you probably come across the question “How do you implement a software licensing system?” In this blog, we will cover the basics of Cryptolens so you can get an idea of how you can implement a software licensing system and start to license and sell your software product.

Please visit our help pages if you want to learn more. You can also learn about software licensing basics in the following video:

Implement a software licensing system

Follow these easy steps to start:

1. Install our SDK in your programming language.

2. Create a free Cryptolens account.

3. Insert a code snippet into your code.

    Let us begin with the SDK. Cryptolens offers comprehensive SDKs in your favorite programming languages to make it effortless to implement a Licensing as a Service (LaaS) platform within minutes. Install our SDK in your language here.

    Create a free Cryptolens account to get access to our easy-to-use dashboard where you can create and manage license keys and restrictions. You can also find your access tokens and other parameters that you have to insert into your code. Cryptolens offers you a way to implement licensing for free at your own pace, and you only have to pay when you get customers of your own. Check out our pricing plans here.

    The last step is to insert a code snippet into your application’s code. We provide comprehensive help guides to make the implementation seem effortless. The following image gives a summary of how our code snippet looks. See the code snippet in your programming language here.

    License key verification is effortless with Cryptolens software licensing system in any coding language!

    Are you new to Cryptolens? Welcome! We are dedicated to offering an easy-to-use Licensing as a Service (LaaS) platform so you can license and sell your software application within minutes.


    Get Started with Cryptolens Today!

    How does software licensing work?

    A common question when selling and licensing a software application is “How does software licensing work?”. Understanding the basics of software licensing allows you to make smarter decisions when it comes to monetizing your software.

    It is crucial that your software is able to know who is allowed access and for how long. Depending on what licensing model you choose, the software licensing system will behave differently. We are briefly explaining how software licensing works in this blog.

    You can also watch the associated YouTube video:

    Explaining how software licensing works

    A licensing as a service (LaaS) provider such as Cryptolens will do most of the heavy lifting. When a user of your software signs up, your software sends a request to a license server. The license server then checks if all of the requirements are met. For example, was the customer’s last payment successful?

    If all of the requirements are satisfied, the license server sends a response back to your software that tells it to run as normal. If, for example, the customer did not pay their last payment, the license server will tell your software to display a message telling the customer what they need to do to gain access to the software again.

    In some instances, your software may be unable to send a request to the license server. For example, your software might be running without Internet access. Your software would then use a license file on disk or call an on-premise license server. At Cryptolens, we provide methods of doing both of the options to our customers.

    We have now answered the question “How does software licensing work?”. If you are new to Cryptolens, welcome to our site! We enable our customers to license and sell any type of software application. With help guides in your favorite programming language, you can implement software licensing within minutes. Hundreds of industry-leading customers worldwide are already using our software licensing manager.


    Get Started with Cryptolens Today!

    Different types of software licenses - Cryptolens

    Choosing between floating and node-locked licenses

    Companies often face a challenge when choosing between floating and node-locked licenses. The two licensing models both handle the issue of setting a maximum number of machines that can use a license key at the same time. However, there are significant differences.

    The main benefits of each model will be explained in this blog. You can also watch the following video on YouTube:

    Floating and Node-locked licenses

    For the node-locked licensing model, let us assume that your client uses your license key on Machine A and B. If you want to activate Machine C, you first have to deactivate either A or B.

    Floating licenses instead allow you to put a constraint to only allow, for example, 10 machines to use the license at the same time. The client can then install the application on, for example, 100 machines, but only be able to have 10 machines use the license key at the same time.

    Floating licenses are therefore better if you know in advance that your customer will be moving machines and the most important aspect for you is that they do not use the license on more than a set number of machines.

    Node-locked licenses are then best if you know that a customer will only use the license on a specific set of machines, and given that they will not switch machines often.

    We hope we have now answered the question “Choosing between floating and node-locked licenses”. For a more in-depth description of the two licensing models and a guide on how to implement them in practice, please read our documentation.

    Are you new to Cryptolens? Welcome! We make it effortless for software creators to license and sell any type of application, in any programming language. Our software licensing system integrates with leading providers such as PayPal and Stripe to make payments secure.

    Join hundreds of innovative and world-leading software companies – get started with Cryptolens today!


    Get Started with Cryptolens Today!

    Different types of software licenses - Cryptolens

    What are different types of software licenses?

    Choosing between the different software license types is a crucial decision when you are planning on licensing and selling your software product. That is why we are answering the question “What are different types of software licenses? to help you get started.

    We will now briefly introduce some of the most common software licensing models that we offer to our customers. If you want to read more in detail, please visit our documentation pages.

    This blog is also available as a YouTube video:

    Types of software licenses

    One of the most common types is called a perpetual license. That is when you charge a customer once, and they get full access to your product forever. A subscription is when you are continuously charging a customer. They are only granted access to your application if they continue to pay. The most common subscriptions are paid on a monthly, quarterly, or yearly basis.

    It might also be beneficial to charge the customer only when they use the software or its features. For example, if you sell an accounting software product, you could charge your customers for each financial report they create using the software. This licensing model is called usage-based licensing.

    Lastly, some companies want to allow only a limited number of machines to use their software at the same time. This can be done using node-locking or floating licenses, both of which we have covered in more detail in our documentation. You can then charge the customer extra for a license where they can to use your software on more machines at the same time.

    We hope that gave you an answer to the question “What are different types of software licenses?” If you would like to read more about the licensing types, please read our documentation.

    And if you are new to Cryptolens, welcome to our website! We offer a software licensing system for software developers to license and sell any type of software application. Our documentation pages give you detailed guides in your programming language on how to implement our licensing as a service (LaaS) platform.


    Get Started with Cryptolens Today!

    Different types of software licenses - Cryptolens

    Consumption based software licensing offline

    Licensing software that will run in an offline environment is more challenging, specifically in cases where one needs a certain response from the server (for example, to activate a new devices or record usage). However, it tends to be a real problem when changes need to be recorded fast, which occurs in the floating license model and pay-per-use model).

    A few days ago, we introduced support floating license that can work offline using our license server. Today, we would like to introduce the new release of the license server that supports the pay-per-use model offline.

    How it works

    Instead of contacting our server to record usage, the license server will, on a regular basis, write down all the updates to a data object to disk. Each time an update is written, we will use your public-key to encrypt it along with the previous encrypted block (if you want to learn more about how it works, please check out ‘asymmetric encryption’ in this article). Since the public key is used, there is no way to see what information has been recorded, and because each update is encrypted with the previous update, once it is on disk, there is no way to tamper with the usage (assuming the client has not backed up the previous version). And even if a client would be able to tamper with this file, it may still be detected by our AI anomaly detection module. In addition to the collection of usage information, if your clients send you these files regularly, you may be able to detect any tampering with their local clock.

    You can read more about our protocol on the following page: https://eprint.iacr.org/2021/937. The implementation can be found in the following repository: https://github.com/Cryptolens/license-server.

    As always, if you would have any questions, please reach out to us at [email protected].


    Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

    Introducing reseller portal for software licensing

    Since the end of last year, we have made the reseller portal generally available for all users. We would like to thank all our beta customers for their feedback during the development process.

    Idea

    The goal behind the reseller portal is to allow you to delegate license issuance rights to other users. This can be your resellers/distributors, IT-admins of your customers or your employees. In other words, “reseller” can be any user that should only be able to create specific amount of new licenses based on a pre-defined template.

    The reseller portal also introduces new logging capabilities. All events related to new licenses, customers, etc, are stored in the object log. Thanks to this log, you can, for instance, bill your resellers or customers only when they have successfully created a new license.

    Getting started

    Once you have created a new account, the reseller portal will be available in the top menu. If you are an existing customer, you can enable it on the billing page. As the next step, we recommend to check out the wiki page for more information.

    Please let us know if you have any questions 🙂


    Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

    Be careful with sessions: Garmin Connect App example

    It’s not uncommon nowadays to see people with a smartwatch, be it Apple Watch or another brand such as Garmin. I think there are many advantages of using one; to me, it’s about keeping track of exercises in the gym as well as other parameters such as stress and sleep.

    Many smartwatches record a wide range of data points: puls, movement, altitude and location. This amounts to large amount of data, which can be used to infer various things about the individual. Therefore, it’s important to keep this data safe.

    In this post, I would like to share the security issue in the Android version of the Garmin Connect app and list several tips on how this can prevented when you work with sessions in your projects.

    Background

    When developing an application that requires user authentication, most of the time one needs the state to persist so that users don’t need to enter the username or password each time they visit a new page. Sessions can help us to accomplish that. Using sessions is less secure than asking for credentials all the time, but it’s trade-off that most of us can accept.

    The issue

    Before we start: I have confirmed with Garmin that they have fixed the issue before publishing this post.

    Early in April last year, I changed my password to Garmin Connect on their website. I was already logged in into the Android version of the Garmin Connect app with my old password and my expectation was that the app would ask me to re-authenticate at some point. But, it did not. I cannot tell how long the session would persist, but I could keep using the app for several weeks with the old session.

    The problem with such a long session duration is that it gives users a false sense of security when they change their password. For example, imagine that the user had a weak password at some point and an adversary was able to login and obtain a new session. Even if the user would have changed the password later, an adversary would still have access to their health data.

    If this problem would have occurred in, let’s say, the Neftlix app, I would not be as worried, but since Garmin Connect stores large amounts of health data, I felt like that the consequences of a potential breach could be huge.

    Proposals

    After filing this security concern to Garmin, I proposed the following changes:

    • Make sure that sessions are reset everywhere (especially in the android app) during a password reset (or at least offer the user the choice of selecting this option on the website)
    • Time-limit the sessions on the mobile devices
    • Enable two-factor auth for each account

    Conclusion

    To sum up, whenever you have to persist a state, make sure that sessions expire at some point and that users have the option to log out from all devices. It’s always a trade off between security and convenience, so when you decide the session length etc, you need to take into account the impact of a potential breach, etc. In some cases, you can require users to re-authenticate if the operation is highly sensitive.


    Managing app settings in software licensing

    When developing apps, you will likely need to store some metadata. This can either be specific to a certain user or be shared among all users.

    Data objects offer an easy way of managing metadata either on the product, license key or machine code level. They are quite useful since it’s easy to change them as your application evolves and user-specific data will stay the same across all devices.

    In this article, we will cover data objects associated with a product.

    Editing metadata

    To add or edit data objects on the product level, you can click on the Data Objects link as shown below:

    On the next page, you can either add or edit existing data objects. The names are case-sensitive and duplicates are not allowed.

    Retrieving metadata on app start

    Let’s assume our application needs to obtain the currently supported DOTNET_RUNTIME (which we defined in the previous step). This can be accomplished with the code below (the project files are available here).

    To get it up and running, we need to specify an access token and modify the ReferencerId. The access token needs to have the “ListDataObjects” permission checked and we also strongly recommend to specify the product it should work with. The ReferencerId should be the Id of the product.

     var systemSettings = Data.ListDataObjects("access token", new ListDataObjectsModel
     {
         ReferencerType = DataObjectType.Product,
         ReferencerId = 3349,  // <- the product id
     });
     
     if(!Helpers.IsSuccessful(systemSettings) || systemSettings.DataObjects == null)
     {
         Console.WriteLine("Could not retrieve the settings.");
     }
    
     var settings = systemSettings.DataObjects.ToDictionary(x=> x.Name, x => x);
    
     if(settings.ContainsKey("DOTNET_RUNTIME"))
         Console.WriteLine(settings["DOTNET_RUNTIME"].StringValue);

    What’s next?

    In the future tutorials we will describe how you can store user specific information. In meantime, let us know if you have any questions 👍


    Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.