Category: Tips on Using our Service

Automating offline activations

February 11, 2019

Many times your customers may have either restricted internet access or no internet access at all. Although Cryptolens is a cloud-based licensing solution, you can still use it to protect offline devices. In this post, we cover three ways internet access can be restricted and how license key verification can be performed.

Periodic internet access

If your users are connected to the internet on a regular basis, we can cache the response from the “Activate” method each time we are able to contact the server. If, at some point, internet connection would not be present, we would fallback on a cached version of the license object.

When using this approach, it’s important to define how long time your users can be offline. There is a field called “SignDate” in the license key object, which is the time when the response was signed by the server (i.e. the last time you successfully called Activate). So, if you only want to allow your users to be offline for 30 days, you can compare the current date with the “SignDate”.

License server (re-routing)

If your users have certain devices that have no direct internet access, one option is to use a license server, which will re-route all requests through a server hosted by the user. Only the server has internet access.

There is currently a Windows version of the server, freely available on GitHub.

Air gap (no internet)

If the devices have no internet access at all, we can use a similar idea that was described in periodic internet access, with the only difference that we always fallback on the license file.

In Cryptolens, there are three ways you can create such a file:

In the dashboard

Next to each license key, there is a yellow button which can be used to create license files:

Using activation forms

Activation forms allow your customers to download activation files themselves.

Using the API

If you want to automate license file creation, you can either call the Activate method using one of our client APIs or call the Web API directly (eg. using curl).

Try For Free

Pricing

Floating licenses in Java

February 4, 2019

Floating licenses makes it easier for your customers to switch between machines that actively run your software, without having to deactivate them first. For instance, you can constrain the number of concurrent users to 10, but still allow the software to be installed on eg. 100 computers.

In Cryptolens, floating licensing works by letting your app to regularly poll the server to check if the number of concurrent users has been exceeded, which can be accomplished with the code snippet below:

import io.cryptolens.methods.*;
import io.cryptolens.models.*;

public static void main(String args[]) {
    String RSAPubKey = "RSA Public Key";
    String auth = "Access token";

    LicenseKey license = Key.Activate(auth, RSAPubKey, new ActivateModel(3349, "MTMPW-VZERP-JZVNZ-SCPZM", Helpers.GetMachineCode(), 300, 1));
    if (license == null || !Helpers.IsOnRightMachine(license, true, true)) {
        System.out.println("The license does not work.");
    } else {
        System.out.println("The license is valid!");
        System.out.println("It will expire: " + license.Expires);
    }
}

Normally, if the app stops polling the server, that user will be automatically deactivated within the specified period of time. However, if you want to deactivate it instantly, you can use the code below:

import io.cryptolens.methods.*;
import io.cryptolens.models.*;

public static void main(String args[]) {
    String auth = "";

    boolean result = Key.Deactivate(auth, new DeactivateModel(3349, "MTMPW-VZERP-JZVNZ-SCPZM", Helpers.GetMachineCode(), true));
    if (result == true) {
        System.out.println("Deactivation successful.");
    } else {
        System.out.println("Deactivation failed.");
    }
}

To see all the required parameters, please check out the GitHub repo of the Java client. Should you have any questions, please feel free to reach out.

Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

Try For Free

Pricing

Protecting Rhinoceros plugins with software licensing

January 15, 2019

Rhinoceros® (aka Rhino 3D) is a powerful computer graphics and CAD application. It’s also quite extensible as it allows developers to create their own plug-ins and add-ons. The aim of this post is to give you quick way of getting started with software licensing in your application, with focus on .NET.

One way of developing Rhino 3D applications is using Visual Studio. To add a simple key verification mechanism, only three steps are necessary:

Right click on your project in the Solution Explorer and click on Manage NuGet Packages.
Search for Cryptolens.Licensing and install it (for certain Rhino versions, please see this page).
Add the code-snippet form this page in the code where the plugin loads for the first time.

You can know create a license key in the Cryptolens dashboard to test that the key verification code works. That should be it! If you would have any questions, please feel free to reach out.

Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

Try For Free

Pricing

License server for software licensing

January 14, 2019

One of the problems experienced by software vendors when selling to large customers is that some of their machines that will be running the software do not have direct internet access.

Although it is still possible to use offline activation, having an active connection to Cryptolens makes things much easier for both you as the software vendor and your customers.

To solve this, we can use a license server that will re-route all the license verification requests from the computers in the network to Cryptolens, as shown below:

If you have already implemented key verification in your application, the license server can be set up quite quickly in two steps:

Install the license server as described here.
In the Key.Activate method, add LicenseServerUrl parameter and set it to point to the license server (the IP and port of are shown in step 1).

Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

Try For Free

Pricing

SendOwl and DPD integrations with Software Licensing

December 4, 2018

On a mission to make software licensing more accessible, we have recently improved our Web API to make integrations with other services easier. For example, we have made it possible to return license keys as plain text, which many third party platforms require.

When selling software, there are two problems that need to be solved: payment processing and software licensing. Cryptolens core has always been the comprehensive licensing API. If you are using SendOwl or DPD, you can keep using them for payments and Cryptolens for software licensing.

If you have a new project, I would recommend to check out our new tutorial about built-in recurring payments and payment forms.

Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

Try For Free

Pricing

Recurring Payments with Stripe combined with Software Licensing

October 30, 2018

A popular licensing model amongst software vendors is subscription-based licensing. It is generally seen as a smaller risk for the customer than traditional one-time payments (eg. which normally require a large commitment), but at the same time it provides recurring revenues for the software vendor.

You can get started with recurring payments by visit our help pages.

Features

Recurring payments are implemented as a part of the customer portal. Thanks to this update, customers can not only manage their existing licenses but also subscribe for new ones.

Everything related to payments, plans and subscriptions is managed by Stripe, so if you’re already using Stripe, it’s quite easy to get started with the new recurring payments feature. If you do not have Stripe, it’s quite easy to get started. A tutorial can be found here.

In addition to recurring payments, the customer portal makes it possible to use user account authentication, described in the previous article.

Screenshots

Example when the customer has subscribed to a new plan:

The new license will show up on the home page of the customer:

Reviewing a license key and the subscription it is associated with:

Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

Try For Free

Pricing

Secure User Account Authentication inside Apps for Software Licensing

October 23, 2018

A year ago we announced the ability to authenticate your customers inside the app using their credentials instead of using license keys. The key advantages are security (harder to crack properly secured account than a license key string) and time savings (customers can easily restore access to an account vs. restoring access to a lost license key). Today, we have released several changes to make the implementation of this much easier, as described under What’s new later in the article.

How Cryptolens approach is different

When we reviewed the way our competitors solve the problem of authenticating users, all of them used the simple solution of a method that takes in username and password and returns an access token. The problem with this approach is that the user needs to trust the client application, which can be compromised (eg. an attacker can create a similar app to trick the user to expose their login information). Even if the account itself may not pose high value, since users tend to reuse their passwords, it can serve as a gateway into their other accounts.

Instead of trusting the app, our approach puts trust in the web browser. The app will never receive the username or password. For extra-paranoid users, it is also possible to authenticate the request on a different machine.

To put the problem and our solution in simple terms, there is a concrete example from everyday life, namely when you pay using your credit card. The first approach we described is similar to paying using the terminal provided by the shop (i.e. you need to trust each store that their terminal does not record your card number and PIN). The second approach is similar to new types of payment methods where you need to scan a QR code and authorise the transaction on your phone. It is easier to trust your phone than the terminals provided by the store (and you will have to trust every single one of them).

What’s new

With the new release of Cryptolens.Licensing, implementation of account verification has become much simpler (as you can see later in the Getting started section). It now supports .NET Framework 4.0, 4.6 and .NET Standard 2.0. Moreover, we improved the backend to help automating account creation for customers (eg. portal link can now be obtained through Add Customer method).

Getting started

We have summarised the necessary steps to get started in this article. To sum up, two steps are necessary. First, you need to send an invite link to your customer (which can be automated). The second step is to include the following code in your application.

string RSAPubKey = "RSA Pub key";
string token = "access token with GetToken permission";

string existingToken = null; // in case you've already authenticated them once and the token is still valid.

var res = UserAccount.GetLicenseKeys(Helpers.GetMachineCode(), token, "TestApp", 30, RSAPubKey, existingToken);

if(res == null || !string.IsNullOrEmpty(res.Error))
{
    Console.WriteLine("Something went wrong.");
}

// if they have a license with F1=true and which has not yet expired.
if(res.Licenses.Count(x => x.F1 == true && x.Expires >= DateTime.UtcNow && x.ProductId == 3349) > 0) 
{
    Console.WriteLine("Success");
}
else
{
    Console.WriteLine("Failure");
}

Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

Try For Free

Pricing

License Key System for PHP Applications

October 17, 2018

If you want to implement a license key system for PHP applications, you have several options to choose between. A short-term and quite simple way is to code a license key generator and generate a subset of license keys. However, for more serious and in-production use cases, we would recommend having a software license solution that is much more long-term and robust. In this blog, we will briefly cover these two alternatives to help you license and protect your PHP code.

License Key Generator for PHP Applications

A license key generator is a simple and lightweight licensing system that checks the validity of a subset of license keys using partial key verification. While this option is a pretty fast and easy way to implement software licensing for PHP apps, it is not recommended for long-term and more serious use cases. The reasons are that the system is quite easy to bypass, and the structure you use to generate license keys will begin to leak over time. If you want to learn more about this approach, please read this blog post.

Outsourced License Key System for PHP Applications

Instead of having to code a more robust license manager that performs full key verification, the best way to implement software licensing for your PHP application is to work with a Licensing as a Service (LaaS) provider such as Cryptolens. You will then get access to all of our advanced licensing features from day 1, such as offline licensing and more advanced licensing models. Coding and maintaining your own licensing system will take a lot of time, so why not outsource licensing to experts?

Getting started with our license key system for PHP applications is effortless! We have an SDK available on GitHub, and you can sign up to our platform for free. Then, you just need to paste a short code snippet into your PHP code. It looks something like this:

<?php
require_once('Cryptolens.php');

$activate = cryptolens_activate(
      // Access token
      'WyI0NjUiLCJBWTBGTlQwZm9WV0FyVnZzMEV1Mm9LOHJmRDZ1SjF0Vk52WTU0VzB2Il0='
      // Product Id
    , 3646
      // License Key
    , 'MPDWY-PQAOW-FKSCH-SGAAU'
      // Machine code
    , '289jf2afs3'
    );

// $activate is now a boolean indicating if the activation attempt was successful or not

?>

Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

Start For Free

Pricing

Usage-based (pay per use) software licensing in .NET

October 15, 2018

Many software vendors nowadays move away from one-time payments to other licensing models. One such example is the usage-based model. By doing so helps lowering the barrier of entry for new customers, as they no longer need to commit to the product long term, which is usually the case with one-time payments. If you already have a subscription model, supporting usage-based payments can help you to monetise a group of users who would otherwise not buy the product.

You can read the entire tutorial here.

Getting started

In Cryptolens, usage-based licensing can be implemented using data objects, aka custom variables. We can use these variables to record how often features are used and keep track of any usage credits that a customer has purchased. There are two ways of billing customers:

Upfront payment: customers need to purchase usage credits in advance.
Based on actual usage: customers pay for the actual usage in the end of the billing period.

Charging based on actual usage

If you choose to charge your customers based on actual usage, we can simply use the code below:

var auth = "Access token with AddDataObject, ListDataObject and IncrementIntValue permission. Please also set KeyLock value to '-1'";
var licenseKey = "LZKZU-MPJEW-TARNP-UHDBQ";

var result = Data.ListDataObjects(auth, new ListDataObjectsToKeyModel 
{
    Contains = "usagecount",
    Key = licenseKey,
    ProductId = 3349 
});

var obj = result.DataObjects.Get("usagecount");

if (obj == null)
{
    // make sure to create it in case it does not exist.
    Data.AddDataObject(auth, new AddDataObjectToKeyModel { Key = licenseKey, ProductId = 3349, Name = "usagecount", IntValue = 1 });

    if(res == null || res.Result == ResultType.Error)
    {
        Console.WriteLine("Could not create new data object. Terminate." + res.Message);
    }
}
else
{
    var res = obj.IncrementIntValue(auth, 1, licenseKey: new LicenseKey { Key = licenseKey, ProductId = 3349 });

    if (res == false) 
    {
        Console.WriteLine("We could not update the data object. Terminate.");
    }
}

Upfront payments

If you instead want to charge your users upfront, we need to create the data objects when creating the license. If you are using payment forms, we can set up two requests, one creating a new license and another creating a new data object (inspired by this tutorial), as the result from key creation will be “piped” into data object creation request. You can then have another payment form that allows users to refill their credits, in which case the custom field can be used.

You can use the code below to verify if the limit was reached inside your application:

var auth = "Access token with AddDataObject, ListDataObject and IncrementIntValue permission. Please also set KeyLock value to '-1'";
var licenseKey = "LZKZU-MPJEW-TARNP-UHDBQ";

var result = Data.ListDataObjects(auth, new ListDataObjectsToKeyModel { Contains = "usagecount", Key = licenseKey, ProductId = 3349 });
var obj = result.DataObjects.Get("usagecount");

var res = obj.DecrementIntValue(auth, decrementValue: 1, enableBound:true, lowerBound: 0, licenseKey: new LicenseKey { Key = licenseKey, ProductId = 3349 });

if (!res)
{
    Console.WriteLine("Could not decrement the data object. The limit was reached.");
}

Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

Try For Free

Pricing

Sending news and update notifications using Messaging API

October 10, 2018

The new Messaging API allows you to easily send notifications to some or all of your end users. For example, it can help you to notify customers running an older version of your application to upgrade as well as keep them updated about the latest news.

Getting Started

It’s quite simple to get started with the Messaging API. The dashboard is available here, which is where you can send the messages. In order receive them in your own app, you can use the GetMessages method. One thing to keep in mind are the two optional parameter, time and channel. These allow you to tell Cryptolens which messages you want to receive. Time is used as a reference when the last message was seen and channel is a way to group those messages. If these are not specified, all of the messages will be returned.

For example, let’s say you want to implement updates notifications. In that case, we can use the code below to ensure that only older versions of the software receive the message. The version itself is specified as a unix timestamp in the currentVersion parameter, which should be the time when you published the release.

var currentVersion = 1538610060;
var result = (GetMessagesResult)Message.GetMessages("token with GetMessages permission", new GetMessagesModel { Channel = "stable", Time = currentVersion } );

if(result == null || result.Result == ResultType.Error)
{
    // we could not check for updates
    Console.WriteLine("Sorry, we could not check for updates.");
}
else if (result.Messages.Count > 0)
{
    // there are some new messages, we pick the newest one 
    // (they are sorted in descending order)
    Console.WriteLine(result.Messages[0].Content);
}
else
{
    // No messages, so they have the latest version.
    Console.WriteLine("You have the latest version.");
}

Console.Read();

You can see the entire tutorial about updates notifications for more details. There is also about notifications.

Not a customer yet? Sign Up for a free trial and implement our software licensing system within minutes.

Try For Free

Pricing