Licensing issue to my windows-based app

Welcome to the site. Are you going to give us a percentage if we solve it? ;). I believe this is a very optimistic question to place on a forum. My understanding is that even the big boys struggle with this one - that is why there are so many web apps where the user has to register to use.

So I would be use a web app if possible, if you need to ask this question you are just going to have to settle for the fact that it may be shared. Otherwise change your business model.

Create an algorithm to which calculates something based on certain circumstances in the machine it is running on. Make it so that it differs each time you try to generate the code. Have your end user call in the code and software serial number, and give them the correct activation code (which relies on the other two pieces of information) over the phone.

Welcome to the site. Are you going to give us a percentage if we solve it? ;). I believe this is a very optimistic question to place on a forum. My understanding is that even the big boys struggle with this one - that is why there are so many web apps where the user has to register to use.

So I would be use a web app if possible, if you need to ask this question you are just going to have to settle for the fact that it may be shared. Otherwise change your business model.

The App is a off-line product, so it has to be a windows-based app not a web-based app.:-(

The App is a off-line product, so it has to be a windows-based app not a web-based app.:-(

I think what was meant is that you would have a web-service running to perform first-time authentication and license validation.

Create an algorithm to which calculates something based on certain circumstances in the machine it is running on. Make it so that it differs each time you try to generate the code. Have your end user call in the code and software serial number, and give them the correct activation code (which relies on the other two pieces of information) over the phone.

Thanks. that is the only solution i got so far. But with this solution, I will have to deploy my app for each individual download copy, and each of them I will need to embed a unique serial number. this deployment process will be huge amount of work and it will take heaps of space out of my web space to store each download copy...

u know what i mean?

Thanks. that is the only solution i got so far. But with this solution, I will have to deploy my app for each individual download copy, and each of them I will need to embed a unique serial number. this deployment process will be huge amount of work and it will take heaps of space out of my web space to store each download copy...

u know what i mean?

You are completely wrong.
You can create a formula or function that validates a serial. The flow will be something like this:

a) you give the user a serial number (on a piece of paper or the sleeve of the CD)
b) the user installs the software, and is asked for the serial
c) the software generates a 'random' number based on certain states of the hardware (date, time, hardware address, size of the registry)
d) the serial number and random number are sent to your web-service
e) your web-service delivers a third number, the validation key
f) the user's software take the serial number, random number, and validation key, and validates that the three work together
g) if not the user is prompted again

Example:
The Validate() function takes three integers, and checks that they add to 10.
The user gets a Serial Number of 1398.
When the software is installed, the random number -293484 is generated.
These two numbers are sent to the server.
The server (after collecting/verifying things like email address, phone number, and registered name) figures out that the response number should be 292096.
The Validate function takes the Serial (1398) the random number (-293484) and the validation response (292096) and adds them together to get 10. Knowing that 10 is the number it needs, it validates the user's software.

The strength of this system relies on the mathematical complexity of the authentication algorithm. If your validation is just "Add up to 10," you aren't going to have a good licensing scheme.

You are completely wrong.
You can create a formula or function that validates a serial. The flow will be something like this:

a) you give the user a serial number (on a piece of paper or the sleeve of the CD)
b) the user installs the software, and is asked for the serial
c) the software generates a 'random' number based on certain states of the hardware (date, time, hardware address, size of the registry)
d) the serial number and random number are sent to your web-service
e) your web-service delivers a third number, the validation key
f) the user's software take the serial number, random number, and validation key, and validates that the three work together
g) if not the user is prompted again

Example:
The Validate() function takes three integers, and checks that they add to 10.
The user gets a Serial Number of 1398.
When the software is installed, the random number -293484 is generated.
These two numbers are sent to the server.
The server (after collecting/verifying things like email address, phone number, and registered name) figures out that the response number should be 292096.
The Validate function takes the Serial (1398) the random number (-293484) and the validation response (292096) and adds them together to get 10. Knowing that 10 is the number it needs, it validates the user's software.

The strength of this system relies on the mathematical complexity of the authentication algorithm. If your validation is just "Add up to 10," you aren't going to have a good licensing scheme.

Heaps of thanks! I think I got what u mean.
For example:
01(Serial Number) + 02(radom number) + 08(Web Respond Registry Key) = 10

and this numbers are all encrypted, so the end users will not be able to see the claculation.

Is that right?

Heaps of thanks! I think I got what u mean.
For example:
01(Serial Number) + 02(radom number) + 08(Web Respond Registry Key) = 10

and this numbers are all encrypted, so the end users will not be able to see the claculation.

Is that right?

Right, but mine was only a simple case. I would suggest you use something a little more advanced, such as a public/private key system.