I'm thinking about how I'm going to make Guns into a commercial game (apart from finishing and making it cool)

The question has popped into my head about how I prevent people from stealing the game.. or sharing the unlock key.

I'm thinking some sort of email address encryped with a cypher.. so that if I find a key on the internet being posted about, I can decypher the email address and find out who it is doing the sharing...
Alternatively finding some way of tying it to a PC.

I came across this company called ASPACK http://www.aspack.com/ but I don't know if they're any good.

Has anyone got any ideas?

I don't really want the user to have to be on-line to verify their copy.


So it seems that I have a few options to think about.

1. Have a single unlock code and put it in an automated email when people buy the game?
This seems to be the least secure, but the easiest to do and gives the user the most freedom.

2. Have an unlock code tied to their email address or account name?
This means that The code is unique, the user can install the game on as many machines as they want as long as they use the same email address and key in the Unlock Process.

3. Have an online authentication process?
The user would have to unlock their game. This would tie it to a PC.. probably by storing the MAC address. If the user wants to install on another machine, they have to re-activate. This does mean that the first time the user wants to play, they have to be on-line. It also means that I have to keep authentication servers running for a very long time.. otherwise, the user won't be able to install the game in the future.

I have a deep dislike for authentication servers.. and all security is circumventable if a hacker is determined enough.

Any ideas?

Two things that might come in handy for you.

http://sourceforge.net/projects/tplockbox
http://sourceforge.net/projects/tponguard


Or perhaps you should take Stardock's example (http://forums.galciv2.com/?forumid=161&aid=106741) and leave copy protection out? Piracy will happen in any case, and there's not much you can do about it. Why punish your loyal users? (something to think about)

Thanks for the links, I'll check them out when I get home.

As for your excellent question about leaving protection out completely... well, it deserves more thought than I'm giving it at the moment so I'll let you know my current thinking at the moment.

I usually go through life with the attitude that most people are basically good and won't do anything illegal. They want to like fairly and treat others with respect.

This opinion has taken several beatings lately to the point where Now I think that a lot of people are basically good, but most will do what they think everyone else is doing.. as long as they don't get into trouble.. and what everyone else is doing is getting free stuff off the net instead of paying for it.
We could talk for hours on this subject alone... but we'd need beer :)

At the moment I believe that if I leave protection off completely, I'll get no sales at all. So my current though process is release a Demo which has no protection and a Full Version for downloading but will only work beyond the 1st level with an activation key of some sort.

While I admire Stardock's decision, I don't think it works for everyone.
I hate the Steam Idea with a passion, I think it's far too heavy handed and treats everyone like a potential criminal. (I don't think everyone is a criminal, I just think that people don't think enough about the conciquences of their actions before doing something they know is wrong but don't think it'll do any harm.)

But I didn't mind the copy protection used in Jets 'n' Guns.. a Demo I downloaded.. played for 1 hour (the demo expires after 1 hour of play), the game stopped and said, if I want to continue, I should buy it.. do I want to do it now?.. Yes please. I purchased it, loved it. Enjoyed the experience entirely.

I guess the real question is.. How can I enable an honest person to buy and play my game without subjecting them to hassle which may drive them away?

Well, the way that Stardock did it was this:

You must have a serial code to play the game. All serial codes are server-side activated, and so given via email/game box. Thus you cannot forge a serial code, because they are also tied to the email address of the account they are given to. So you can install, but until the game is activated with a serial code you cannot play.

So you can recheck serials with each update and authenticate what computers are using what serial through a simple callback with the hardware address. If too many computers use the same serial in a short time... you have your pirates.


For a demo my suggestion would be to simply hardcode it as limited. Such as the define sections. So that {$IFNDEF DEMO} would restrict any special content from even being in the demo application, so that it couldn't be unlocked even if it did get hacked. Then it just isn't worth the effort.