B4A Library Licensing library

Mrjoey · Feb 19, 2015

lemonisdead said:
catching their Google's account

what if other user has put a paid user's email and start using my app?

Mrjoey · Feb 19, 2015

Troberg said:
but if it's hobby work

i was working full time.

Troberg · Feb 19, 2015

lemonisdead said:
And you even could take the time to register the unpaid users by catching their Google's account and store them into your database

Which might be illegal. At least here in Sweden, it's illegal (with exceptions mainly for government organizations) to store digitally personal information without their consent.

For some reason, however, it's perfectly OK to write it down on a piece of paper (another odd effect of this law is that, legally, a fax send from a computer is under completely different laws than a fax sent by a "paper scan fax")...

lemonisdead · Feb 19, 2015

Mrjoey said:
what if other user has put a paid user's email and start using my app?

This one won't be catched. But how many users do share their Google's account ?

Troberg · Feb 19, 2015

Mrjoey said:
i was working full time.

Well, then I say: Make it reasonably hard. You don't need to make a Fort Knox security, just hard enough for the typical user to don't bother. Also, remember, the people who rather spend a weekend hacking your app than paying a few $, do you think they would have bought it if they couldn't hack it?

So, your work protecting your app may very well be useless, from an economical viewpoint. You'll just block those who won't pay anyway. Consider cost/benefit.

lemonisdead · Feb 19, 2015

Troberg said:
Which might be illegal

I never care about what is legal or not if it is a way for me to protect my customers ! Storing an email address is subject (in France) of a "users database declaration" only. And if you want to be really fair : update your privacy policies or add an option for the user to share his taste via email (so nobody will never ask you why you are catching Google's account). But that's only a suggestion of course. You are free to do what you want

Troberg · Feb 19, 2015

lemonisdead said:
But how many users do share their Google's account ?

Well, I won't say that I do share my account within the family, but I won't say I don't either.

Sharing with untrusted people? Never.

Mrjoey · Feb 19, 2015

lemonisdead said:
This one won't be catched. But how many users do share their Google's account ?

maybe for their friends.

Troberg · Feb 19, 2015

lemonisdead said:
I never care about what is legal or not if it is a way for me to protect my customers ! Storing an email address is subject (in France) of a "users database declaration" only. And if you want to be really fair : update your privacy policies or add an option for the user to share his taste via email (so nobody will never ask you why you are catching Google's account). But that's only a suggestion of course. You are free to do what you want

Of course, it was just a small reminder to check local law, to avoid trouble.

RichyK68 · Jun 30, 2015

I've just updated my LG G2 to Lollipop and two of my own apps have stopped working, they fail on the license check. I've updated the Licensing library to version 1.20 and recompiled but still no luck. Any ideas what else I can try?

Richard

MarcTG · Jun 30, 2015

RichyK68 said:
I've just updated my LG G2 to Lollipop and two of my own apps have stopped working, they fail on the license check. I've updated the Licensing library to version 1.20 and recompiled but still no luck. Any ideas what else I can try?

Richard

You don't need a licensing library anymore, just set your minimum API to 16+

Erel said:
You will be protected on API 16+ automatically. It doesn't matter which devices you target.

MarcTG · Jun 30, 2015

89% of devices that use google play currently are on API 16+ (jellybean)
https://developer.android.com/about/dashboards/index.html

RichyK68 · Jun 30, 2015

So I can simply remove the license checking stuff from my app? As long as I target 16+ from now on?

RichyK68 · Jun 30, 2015

Sorry, is this what I need to change in the manifest? Is this the correct setting?

AddManifestText(
<uses-sdk android:minSdkVersion="9" android:targetSdkVersion="16"/>
<supports-screens android:largeScreens="true"
android:normalScreens="true"
android:smallScreens="true"
android:anyDensity="true"/>
<uses-permission android:name="android.permission.READ_CONTACTS"/>
<uses-permission android:name="android.permission.READ_PHONE_STATE"/>
<uses-permission android:name="android.permission.MODIFY_PHONE_STATE"/>
<uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS"/>
<uses-permission android:name="android.permission.SEND_SMS"/>
<uses-permission android:name="android.permission.READ_SMS"/>
<uses-permission android:name="android.permission.RECIEVE_SMS"/>
)

MarcTG · Jun 30, 2015

RichyK68 said:
Sorry, is this what I need to change in the manifest? Is this the correct setting?

AddManifestText(
<uses-sdk android:minSdkVersion="9" android:targetSdkVersion="16"/>
<supports-screens android:largeScreens="true"
android:normalScreens="true"
android:smallScreens="true"
android:anyDensity="true"/>
<uses-permission android:name="android.permission.READ_CONTACTS"/>
<uses-permission android:name="android.permission.READ_PHONE_STATE"/>
<uses-permission android:name="android.permission.MODIFY_PHONE_STATE"/>
<uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS"/>
<uses-permission android:name="android.permission.SEND_SMS"/>
<uses-permission android:name="android.permission.READ_SMS"/>
<uses-permission android:name="android.permission.RECIEVE_SMS"/>
)

No your minimum SDK should be 16
<uses-sdk android:minSdkVersion="16" android:targetSdkVersion="20"/>

Here's the google document concerning this:
https://support.google.com/googleplay/android-developer/answer/186113?hl=en

Please note that starting with JellyBean release of Android OS, all apps, paid as well as free, are encrypted by default, and therefore, do not require any additional protection against unauthorized copying such as Google Licensing Server. If you only develop for devices running JellyBean, you don't need Google Licensing Server. You can learn more about app encryption in the Developer Guide.

RichyK68 · Jun 30, 2015

Thank you!

frapel · Jul 9, 2015

Hello Erel,
first of all thanx a lot for this lib and your tireless work/support.

I would ask you a little modification to the lib: I think the generated Java object derived from the b4a LicenseChecker object (I mean the one present in the Java source code folder resulting from compilation) should be named to something "more obscure" like LC or even a misleading name like LHelper or similar...

...this way the Java code could be more secure even if decompiled, while now the name LicenseChecker is easily findable and recognized in relation to a paid app license control (even if we use obfuscation its name remains in plain text).

regards
Francesco

jinyistudio · Apr 29, 2016

Hi

Does this library can use in B4J ?

Informatix · Apr 29, 2016

jinyistudio said:
Hi

Does this library can use in B4J ?

No.

tsteward · Oct 21, 2016

Ok so if we no longer need the license library how do we check things like annual subscriptions please?

B4A Library Licensing library

Attachments

Active Member

Active Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Active Member

Well-Known Member

Active Member

Active Member

Active Member

Active Member

Active Member

Active Member

Active Member

Active Member

Well-Known Member

Expert

Well-Known Member

Similar Threads