The ITAM Review

News, reviews and resources for worldwide ITAM, SAM and Licensing professionals.

Blockchain for Software License Management

This article has been contributed by Alex Cojocaru, Senior Advisor, at Ernst & Young

Blockchain

Could blockchain be a gamechanger for license validation and software license management?

Since the emergence of mainstream computing, software copyright and licensing became the main practice for proprietary software publishers to monetize their intellectual property rights. As such, many software license validation methods – as well as audit methods – have shaped the industry ever since. These methods serve as control measures which aim to ensure that software publishers are fairly compensated for the value their end users get from using their software.

Software license validation methods serve as a proactive practice aimed to prevent or minimize software piracy and protect software copyright. In contrast, software license audits are a reactive practice mostly aimed at correcting non-compliance situations. The purpose of this article is to describe some of the existing software license validation methods used by software publishers and explore the possible benefits of implementing a Blockchain driven license validation and management method.

Software license validation methods

Software license validation is a method of verifying that the software license is valid, to prevent the free use of proprietary software. Usually the license validation is a prerequisite step included in the software installation setup. In the case of trial software, the software license validation basically allows the software to lift the trial restrictions or unlocks additional functionality available only for paying customers.

Examples of common license validation methods are:

  • License key validation – Typically, the full packaged software came in a box, which included the installation media (floppy, CD / DVD) along with a technical manual and a unique hard copy license key used to activate and install the software (e.g. Microsoft Windows, Adobe Photoshop etc.). Later, the installation media was replaced by a download link accessed via the internet (e.g. Microsoft Office).
  • Online license validation – In contrast to the normal hard copy license key validation, online validation provides an extra verification step to ensure the same key is not used for multiple installations or that no illegal keys are used. Basically, the license key is validated against a database which keeps a ledger of all the sold licenses. If the license key does not pass the online validation, the software is not activated.
  •  Hardware license validation – The hardware license validation uses a combination of the license key and the host machine manufacturer hardware serial number which is hashed into a unique record. After the (one-time) verification with the software publisher, ensuring that the same license is not used on multiple computers, the software becomes active.

Over time, validation methods have become more intelligent. For example, the old hard copy license key validation can easily be copied, shared between users and used for multiple installations – in comparison, the online validation methods are more secure although they can still be fooled, for example by redirecting the DNS to a fake authentication server.

The license validation story has two narratives. If bypassed, the software publisher is not being compensated for the use of its intellectual property. On the other hand, the end user is breaking the contract terms and conditions and as such is legally liable to pay high reconciliation fines. In the business world, improper use of software licenses is more commonly associated with negligence or ignorance rather that a criminal intent. So, finding an efficient mechanism for license validation is beneficial for both the end user and the software publisher as it will strengthen the trust between the two parties.

Blockchain for software license management

Simply put, the Blockchain is a decentralised system for maintaining a digital ledger in a distributed network. The ledger contains a set of records called blocks (hence the name) which are linked together within a network using cryptography. Each block contains a unique combination of transaction data, timestamp and a cryptographic hash of the preceding block.

The Blockchain is not a new technology, but a system of already existing technologies applied in a new way. Similarly, looking at the recent practical uses of Blockchain technology in sectors like supply chain and logistics, insurance, or financial services we will explore the potential use of Blockchain in software license management.

Implementing a Blockchain system for software license management can improve the traceability of software licenses throughout their lifecycle. A software license can be monitored from purchase, to allocation, to decommission – when the software is shelved for reuse. The ledger (in this case the license entitlement baseline) is constantly updated based on the transactions on the Blockchain, thus achieving a (close to) real time view of available assets and the distribution of used assets. The diagram below illustrates how a software request process could potentially work:

Some of the top software publishers do not include any technical measure of preventing the installation of their software without a license. In other words, if not properly managed by SAM or IT functions within the company, users can freely install as many copies of the software as they want. Using a Blockchain system for software license management can prevent the installation of software when no licenses are available, thus preventing over-utilization.

Validation of the license key can work in a similar fashion (see illustration below). Implementing such a system can potentially prevent the use of non-valid license keys (e.g. pirate keys, vendor specific internal license keys).

The blocks in the Blockchain are decentralized and immutable, which prevents the system being corrupted with duplicate or non-valid keys. I could also see this working very well, increasing trust, in the second-hand software license market.

Similar use cases

There are already some similar or related use cases of Blockchain for software and royalty license management. I will use these as examples to show different flavours of implementing Blockchain for software and royalty license management.

  • Spotify uses Blockchain technology to connect artists and licensing agreements with the tracks available on their streaming service.
  • EY and Microsoft launch Blockchain solution for content rights and royalties management for media and entertainment industry.
  • Accenture uses Blockchain technology to enhance software asset management by tracking all software license events during their lifecycle.
  • rocks also uses Blockchain to complement their SAM function in novel ways.

Conclusion

Although alternative use cases of Blockchain are relatively new, especially for software license management, I expect to see more companies following this trend. Could this be a major game changer for our industry?

This article has been contributed by Alex Cojocaru, Senior Advisor, at Ernst & Young

email

About Alex Cojocaru

Alex is a Senior Advisor at Ernst & Young, focused on Software Asset Management and Data Analytics. He uses the knowledge gathered in the field of SAM, Software Licensing and Data Analytics since 2011, to help organizations reduce software cost and manage risk associated to software licensing. Connect with Alex on LinkedIn.

Leave a Comment