[trshivku]

We are in the process of submitting a few paid apps on the App World and would like to know if it is possible for someone to buy an app and then share it with others ? Is piracy possible/prevalent on the BB ?

Had a bad experience with iPhone OS where there are tools available to remove the Apple DRM and share it. We had assumed that Apple would be able to prevent piracy. Want to ensure that the same is not possible on the BB.

Thanks in advance.

-TRS

[Dougsg38p]

Rights management and licensing is really up to the developer.

We lock our apps to the device. If you take one of our apps and install it on another device, it simply reverts to "trial" mode and opens a new trial account on our servers.

[trshivku]

Quote:

Originally Posted by Dougsg38p

Rights management and licensing is really up to the developer.

We lock our apps to the device. If you take one of our apps and install it on another device, it simply reverts to "trial" mode and opens a new trial account on our servers.

Thanks for your response.

Let me re-state my Q. If someone purchased an app from the App World on the device, can they get the app (jad file) out of the device and then post it on sharing sites like RapidShare etc ?

TIA.

-TRS

[penguin3107]

Quote:

Originally Posted by trshivku

If someone purchased an app from the App World on the device, can they get the app (jad file) out of the device and then post it on sharing sites like RapidShare etc ?

Yes.

[trshivku]

Quote:

Originally Posted by penguin3107

Yes.

In that case, is it possible to detect if the App is installed from App World OR from a Sharing site ?

If it is possible to determine if the App is not installed as a result of purchase from App World then I would like to turn it into a lite version.

TIA.

-TRS

[trshivku]

Quote:

Originally Posted by Dougsg38p

Rights management and licensing is really up to the developer.

We lock our apps to the device. If you take one of our apps and install it on another device, it simply reverts to "trial" mode and opens a new trial account on our servers.

Hi Dougsg38p,

How do you know the user is not running a valid copy ? How would your app know if it was legally purchased ? Is there a way you can query the App World to check if the app was legally purchased ?

Appreciate any and all pointers.

-TRS

[Dougsg38p]

Our apps sync with our provisioning servers when started. Some device-specific and user-specific info is exchanged.

If the device is not on file, and the user is not on file, then the app is placed in "trial" mode.

If the user is a valid account, but the device has changed, we prompt the user to perform a device swap (we set the account to now enable the new device and place the old one in "trial" Mode).

...and so on. No magic - just a s.m.o.p.

Of course, there are other ways to do this. It all depends on your app and your server infrastructure.

[trshivku]

[QUOTE=Dougsg38p;1510079]Our apps sync with our provisioning servers when started. Some device-specific and user-specific info is exchanged.
QUOTE]

We do have a similar system but the challenge is how to figure out on a clean device whether the app was installed via App World *or* from some crack site ?

We will make our app available only via the App World. The app will not be hosted anywhere else. Since the sale happens via App World we have no way to verify the purchase. So when the app connects to the Server, there is no way to verify against anything. One can only allow creation of an account and then tie the user with the device and later on ensure that there is only one copy of the app being used by the user.

If it is possible to circumvent the App World security and share the apps with others then how does one figure out that the instance of the app is pirated ?

On the iPhone there are some checks one can perform to figure if the app has been stripped off Apple's DRM or not and then switch the app to trial mode. I am wondering if same exists or is necessary for the Blackberry.

TIA.

-TRS

[aiharkness]

Wirelessly posted (8820)

I think I remember seeing posts talking about the software using the PIN. You can do that, right? and if by "clean" you mean a device that has been wiped, then it doesn't matter wrt PIN.

[trshivku]

Quote:

Originally Posted by aiharkness

Wirelessly posted (8820)

I think I remember seeing posts talking about the software using the PIN. You can do that, right? and if by "clean" you mean a device that has been wiped, then it doesn't matter wrt PIN.

Let me rephrase my Q.

a) Can an app installed by App World on a device then be copied from that device and posted somewhere for others to download for free ?

If answer to a) is Yes then

b) Does the app know at runtime if it is a valid copy or not ?

TIA to everyone.

-TRS

[aiharkness]

Wirelessly posted (8820)

It was probably me who wasn't clear. My thought was Doug's and Penquin's posts aren't necessarily contradictory. What I'm understanding is Doug designs the app such that it is not a valid, full, non-trial version until the server tells it that it is. I was assuming the PIN could be the device-specific info he refers to. But I looked at your post again and see I stopped at the word "clean" and didn't read on to see the dilemma you have. You need to link the user to the new account before you enable use of the application, don't you?

I'm just a curious user.

[trshivku]

Quote:

Originally Posted by aiharkness

Wirelessly posted (8820)

You need to link the user to the new account before you enable use of the application, don't you?

I'm just a curious user.

Thats right.

Since the only way to get the app sold on App World is via App World on the device, it would be nice if the app could be fully protected from piracy. If I were to sell the app from my website, I would provide the user with a token which the user could use on the device and report back and I would tie the device with the token. But when the app is sold on the App World there is no way to tie the app with a valid purchase.

In the end I don't have definite answer on whether App World's DRM is foolproof. If it is then all this discussion is moot

TIA.

-TRS

[Dougsg38p]

AppWorld will query your web service to obtain a registration key.

I don't understand issue of "valid site" vs. "invalid site" - we don't care where you got the app, because our DRM is provided by the servers.

BTW, if you *really* want the straight stuff on this issue, why don't you take your question over to the Blackberry Appworld forum??

BlackBerry App Worldâxxx8222;¢ Development - BlackBerry Support Community Forums

And I stand by my original post: app security is only as good as *your* DRM, AppWorld will not police this for you, they will only implement your policy (within the limits of their system).

[trshivku]

Hi Doug,

I had posted a query there but had not received a response until now. Finally someone said to check up *Dynamic Licensing* in the forum and i think i found what i was looking for.

Now i better understand what you have been saying all along

Thanks.

-TRS

[aiharkness]

Wirelessly posted (8820)

Cool! I love this place.