To understand the SoftwareShield System you must first understand how license enforcement works.

At run-time, license enforcement works through a cooperative effort between your application, the SoftwareShield ClientProtector component (which you must redistribute with your applications), and the License File that you create for the application.

The (main, distributed) License File is a compressed and encrypted file which contains all the licensing information necessary to enforce itself on your application. The SoftwareShield ClientProtector component is a COM server .dll (named SSCProt.dll and SSCProtD.dll) which you must distribute with your applications and register on the clients machine in your applications installer package. The ClientProtector is the component through which your application interacts with the License File that you must distribute also.

License Files you develop are specific to a particular application and (often) specific even to different releases. The ClientProtector is an in-proc COM server used by all applications that use the SoftwareShield System regardless of the version of license it uses. Your application must have a small set of information in order to start the ClientProtector and subsequently use it to enforce the license, including encryption passwords used to encrypt the file and other sub-components of the file (explained later in detail), the name of the license file it should use, and a code representing what FingerPrint elements to use to identify an authorized system (if any).

You develop your licenses using the SoftwareShield License Manager application. The License Manager is a full features Windows application that allows you to design and implement any and all license features your application needs. The License Manager also handles compiling License Projects into distributed licenses which you then ship with your application. When you create a distributed license, the License Manager also creates a programming notes file which simplifies your job of incorporating the license into your application. The License Manager even writes several language versions of the exact code you need in the programming notes file which you can copy into your development environment to initialize and start the ClientProtector component.

Once you have designed and developed the License, tested and debugged your application (and its licensing features), and distributed your application, the license, and the ClientProtector component, you are ready to use the Activation Code Generator to control your application through its license.\

Example Scenario:

For example, here are the basic steps to implementing a simple trial version of an application that expires and won't run 30 days after it is installed, unless the client purchases it from you:

1. You design and develop a License for your trial version application.

2. You test and debug it until you are ready for a release.

3. In your trial version installer package, you must distribute: (1) your application (naturally), (2) your distributed license, and the (3) SSCProt.dll (which must also be registered on the client machine through your installer package).

4. Your client receives your trial version (by download or disk) and installs your trial version (which copies the ClientProtector and license file onto the hard drive and registers the ClientProtector with the Windows system like any other COM server.

5. Your client runs the program. Every time the program starts - your program must invoke the ClientProtector to check its license. The ClientProtector decrypts the license and tells your application that it is an expiring trial version and that there are 30 days remaining in the trial period.

6. You can then display this information to your user and inform him how he can purchase the software by linking to your "Buy-Now" page or contacting you by phone, email or whatever you wish. During the trial period - you will probably want to have the program execute normally, but give the user the opportunity to enter an Activation Code if they have already decided to purchase it and have received the code from you.

7. After 30 days have gone by, when the user next starts the program, the ClientProtector will discover that the expire period has lapsed -informing your application. You will then probably choose to prompt the user that their free trial period is over and they must purchase the program to continue using it. You can also prompt them to input their Activation Code now if they have already purchased their copy. If they do not input a valid Activation Code - you terminate the program.

8. Once they have decided to purchase the program from you they must supply you an "Authorization Request Code" and of-course payment. Once you have successfully processed their payment (by hand or automatically through a web-merchant for example) you can then input into your SoftwareShield Manual-Activator their request code for the particular product you are selling. The Manual-Activator then determines if the request code is valid for that license and if so, constructs an Activation code to supply to the customer. With the Manual-Activator (which is a simple Windows application), you must manually enter their request code in order to generate the code to provide them. In the Internet Edition of the SoftwareShield System - this process can be completely automated and deployed on the web. (See diagram below) The Internet version once properly deployed allows you to have trial versions downloaded, evaluated, purchased and activated without any intervention from you at all; 24 hours a day, 7 days a week, 365 days a year.

9. Back at your customers computer - they receive their Activation Code from you. They restart the program (if it wasn't running already since the last step could have all happened in a matter of minutes if you have deployed the Web-Activator on the web) and enter the code. The ClientProtector then validates that the code is real, ensures that it was meant for this specific computer (if FingerPrinting is enabled) and updates the license file to reflect that the program should now run as a full version.

10. Now - every time the program starts, the ClientProtector opens the license to find that this is a fully functional version of the program, and executes without interruption.

The following diagram illustrates how the SoftwareShield System facilitates a simplified transaction using the Web-Activator  (The flow of control is different for the CheckPoint License Server - this is shown as an example only):

What About People Who Try To Cheat the System?

There are numerous safeguards built into the SoftwareShield System that ensure that your client, (and hackers), will have an extremely difficult time defeating the system if they try. There are several hidden "alias files" that ensure that the Main License file has not been tampered with, some of these files even use advanced steganographic technology to embed their license information inconspicuously inside the individual pixels of actual images (bitmaps) so that they look completely unchanged to the human observer.

There are several checks to ensure that the user can not defeat expire dates by rolling his or her system clock back or by starting the install process with a system date that is inconsistent with the license date. Some Activation Codes themselves expire so that they must be used within a "shelf-life" or they cease to work on any system whatsoever. Some codes (single-use) can be used only once on a single system no matter what and others can be used over and over. There is advanced tamper-resistance technology that (optionally) detects if the program is being watched by kernel-mode debuggers, or that someone is trying to de-compile it using hacker tools like SoftICE; your program will simply shutdown. Un-installing and reinstalling your program will not work either to defeat the system due to the special alias files that are left in inconspicuous files and registry keys on the clients computer, (even after an un-install).

SoftwareShield ensures that you can feel confident that the licensing and copy protection of your system can be left to us and you can focus on what you do best - develop good software. Let SoftwareShield worry about protecting it. (See: How Strong is the SoftwareShield System?)