Secure License File
A CmActLicense is the cost-effective alternative for protecting and licensing your software. A CmActLicense consists of a signed and encrypted license file. The software publisher has full control over whether and how the license is bound to the user’s computer. The unique encryption method used for the license file gives you the option to store secret symmetric and asymmetric keys safely on the computer of the user.
With CmActLicenses, software publishers can independently encrypt and decrypt data using symmetric or asymmetric algorithms, like AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography), and sign data or verify the signature.
Automatic Binding: CodeMeter SmartBind
CodeMeter SmartBind® is a patented solution for binding a CmActLicense to a computer that combines security and flexibility. CodeMeter SmartBind creates a fingerprint of your user’s computer, which records several hardware properties, such as the hard disk, motherboard, network card, and CPU. The fingerprint automatically takes the environment and the operating system of your user into account. Virtual environments and their specific characteristics are automatically detected as well.
The patented tolerance mechanism ensures that the CmActLicense and the cryptographic keys stored in the license file remain valid, even when the hardware of the computer is replaced within the tolerance level selected. Software publishers can choose from the following tolerance levels:
- SmartBind Tight
- SmartBind Medium
- SmartBind Loose
SmartBind automatically selects the optimal binding mechanism for your CmActLicense. However, if you prefer to set the bond yourself, CodeMeter offers the following options:
- Own hardware setup, selecting properties related to: hard drive (D), network card (N), CPU (C), and motherboard (B)
- Random number
- SID of the machine
- IP address
- Custom implementation, using the Binding Extension
Any custom implementation of a binding extension needs a unique and unguessable fingerprint to work. Optionally, you can also configure how the license is stored: CodeMeter includes a smart process that only needs a few bytes to be securely stored and can work even with most of the license data left on an unsecured medium.
Binding to a Memory Device
Instead of binding a CmActLicense to a device via SmartBind, it can also be bound to a removable device like an SD card or memory stick. This gives the user the ability to move licenses easily between different devices, as can be done with CmDongles. For this purpose, the CmActLicense is not just bound to the removable device, but additionally stored on it.
As the software developer, you can implement the binding and license storage yourself. Alternatively, CmReadyTM by Wibu-Systems and our solution partners offers a turnkey solution that is ready for use and saves you the effort of implementing it yourself: CodeMeter comes with standard support for CmReady certified mass storage devices. The CmReady logo is only awarded to devices equipped with secure elements that are guaranteed to work in line with the CmReady standards. The advantages for you: Easier implementation and top security against license tampering on removable and mobile devices.
CmReady lets you use a CmActLicense on a mass storage device similar to a CmDongle and enjoy all CmActLicense functions on a mobile basis. For highest protection standards, including the ability to execute code away from the user’s computer (CodeMoving) or use safely locked-away keys for authentication (CodeMeter Certificate Vault), we recommend our full CmDongles.
Licenses without Activation
Software vendors can create CmActLicenses that can be used without any activation. Such CmActLicenses are already pre-activated, are not bound to any hardware property of the user’s computer, and can be imported onto any computer. Once the import process is complete, these CmActLicenses are bound to the machine and can be used as secure repositories for licenses and cryptographic keys.
Software publishers can also choose whether CmActLicenses can be imported once only or several times on the same computer. A time-limited license that your user can import just once can be used as a demo/trial license. In this case, you will need a CodeMeter Trial License.
If you are using Protection Suite to protect your software against reverse engineering and you do not require any licensing, a license without activation is the optimal solution for you. The cryptographic keys that protect your software are securely stored in a CmActLicense that is separate from your software. This makes analyzing your software practically impossible. In this case, you will need a CodeMeter Protection Only License.
Secure Update and Straightforward Logistics
CmActLicenses are distinguished by the straightforward logistics they provide. The user installs your software on his computer and activates the licenses online or via file sharing. A remote file containing the fingerprint of the machine is then generated and transferred to the software vendor who, in turn, creates a remote update file that can be imported only once onto the target computer.
This process allows the activation, upgrading, and deactivation of licenses. With a tamper-proof receipt, CodeMeter automatically ensures that the action is performed successfully . The license update can be transmitted automatically by means of CodeMeter License Central.
Use in Virtual Environments
The use of a CmActLicense in a virtual environment is easy and secure. The following options are available to you:
- No activation within a virtual machine. The software is used via a network license located on the host or a license server.
- Activation within a virtual machine strongly bound to the hardware. Once the virtual machine is copied or moved to another host, the license becomes invalid.
- Activation within a virtual machine in a high-availability solution. The virtual machine and the license can be moved freely. When the virtual machine is copied, the license becomes invalid.
Demo and trial licenses as well as rental licenses can be created as time-limited licenses. CodeMeter relies on an innovative method which protects your licenses against time tampering on the computer. CodeMeter is provided with an internal virtual clock that runs independently of the time of the computer. The internal clock is operated and synchronized with the computer's clock for each CmActLicense by means of an intelligent mechanism. CodeMeter checks the time validity of your license against the internal clock. Any time-based tampering attack becomes ineffective.
Interested in a personalized offer for our CodeMeter technology? Just answer a few questions and our team will get back to you with all the information you need.