This article has been contributed by Alex Cojocaru, Senior Advisor, at Ernst & Young.
Since the emergence of mainstream computing, software copyright and licensing became the main practice for proprietary software publishers to monetize their intellectual property rights. As such, many software license validation methods – as well as audit methods – have shaped the industry ever since. These methods serve as control measures which aim to ensure that software publishers are fairly compensated for the value their end users get from using their software.
Software license validation methods serve as a proactive practice aimed to prevent or minimize software piracy and protect software copyright. In contrast, software license audits are a reactive practice mostly aimed at correcting non-compliance situations. The purpose of this article is to describe some of the existing software license validation methods used by software publishers and explore the possible benefits of implementing a Blockchain driven license validation and management method.
Software license validation is a method of verifying that the software license is valid, to prevent the free use of proprietary software. Usually the license validation is a prerequisite step included in the software installation setup. In the case of trial software, the software license validation basically allows the software to lift the trial restrictions or unlocks additional functionality available only for paying customers.
Examples of common license validation methods are:
Over time, validation methods have become more intelligent. For example, the old hard copy license key validation can easily be copied, shared between users and used for multiple installations – in comparison, the online validation methods are more secure although they can still be fooled, for example by redirecting the DNS to a fake authentication server.
The license validation story has two narratives. If bypassed, the software publisher is not being compensated for the use of its intellectual property. On the other hand, the end user is breaking the contract terms and conditions and as such is legally liable to pay high reconciliation fines. In the business world, improper use of software licenses is more commonly associated with negligence or ignorance rather that a criminal intent. So, finding an efficient mechanism for license validation is beneficial for both the end user and the software publisher as it will strengthen the trust between the two parties.
Simply put, the Blockchain is a decentralised system for maintaining a digital ledger in a distributed network. The ledger contains a set of records called blocks (hence the name) which are linked together within a network using cryptography. Each block contains a unique combination of transaction data, timestamp and a cryptographic hash of the preceding block.
The Blockchain is not a new technology, but a system of already existing technologies applied in a new way. Similarly, looking at the recent practical uses of Blockchain technology in sectors like supply chain and logistics, insurance, or financial services we will explore the potential use of Blockchain in software license management.
Implementing a Blockchain system for software license management can improve the traceability of software licenses throughout their lifecycle. A software license can be monitored from purchase, to allocation, to decommission – when the software is shelved for reuse. The ledger (in this case the license entitlement baseline) is constantly updated based on the transactions on the Blockchain, thus achieving a (close to) real time view of available assets and the distribution of used assets. The diagram below illustrates how a software request process could potentially work:
Some of the top software publishers do not include any technical measure of preventing the installation of their software without a license. In other words, if not properly managed by SAM or IT functions within the company, users can freely install as many copies of the software as they want. Using a Blockchain system for software license management can prevent the installation of software when no licenses are available, thus preventing over-utilization.
Validation of the license key can work in a similar fashion (see illustration below). Implementing such a system can potentially prevent the use of non-valid license keys (e.g. pirate keys, vendor specific internal license keys).
The blocks in the Blockchain are decentralized and immutable, which prevents the system being corrupted with duplicate or non-valid keys. I could also see this working very well, increasing trust, in the second-hand software license market.
There are already some similar or related use cases of Blockchain for software and royalty license management. I will use these as examples to show different flavours of implementing Blockchain for software and royalty license management.
Although alternative use cases of Blockchain are relatively new, especially for software license management, I expect to see more companies following this trend. Could this be a major game changer for our industry?
This article has been contributed by Alex Cojocaru, Senior Advisor, at Ernst & Young.