How to protect j2me app from installing in multiple devices ?

[waleemamun]

Hi as I cannot get IMEI for all the sets using j2me as i dont have enough time for signing the app how it is possible to protect app from installing in multiple devices ?

Thnx

[grahamhughes]

Signing would not help you - it's not a form of copy protection.

Ultimately, you cannot. The best you can do is make it more difficult. How difficult depends on the application. Is it a connected application (is it a client for some server app)? How is the app being deployed? How will users pay for it?

Graham.

[waleemamun]

Yes its a client server app . User will buy a cd and enter serial number to install the app.

[grahamhughes]

The app connects to your server, or to server software on the customer's server? More detail would help.

You can't install from a CD onto a phone, so how will they install the app onto the device? What models of phone are supported?

The only mechanism to restrict installation is to use some kind of activation key issued from your server, which is calculated from some kind of customer number and/or a random number generated by the application on the device.

Graham.

[waleemamun]

"Thank you for your reply.
We will install the jar using blue tooth . Sorry for not being detail in explaining what we have done.
Here is what we have done for the symbian version:
On first time launch, users enters a serial key which is supplied in the cd box.
Then the app connects to our server with the serial key along with the IMEI number to our server.
We enters that in our database.
From now on every launch, we check the imei number and serial key with our stored data.
If it does not match, a notification is given to the user and the application exists.

Now for the S40 version, since we cannot get the IMEI number, we are stuck. Getting certification is a good option I think, but the problem
is that we do not have that much time.

Any idea is highly welcomed. We are really stucked."

[sunil_bhambani123]

Hi,

Getting certification also won't help you out in S40 devices, since it requires Operator or manufacturer level signing.

You can do one thing though that when the application launches for the first time generate a random number of the same length as IMEI number and store that in RMS. This random number will work as IMEI for that particulat device.

Hope this helps you out.

[stevejanko]

hi
If you want a unique id and all devices you are installing the app on have bluetooth why not use the bluetooth address as the id.
Steve

[waleemamun]

Thanx sunil for your reply
Ya that is a good option

[waleemamun]

Thanx Steve for your reply but will all sets allow me to get their blue tooth id using j2me ?

[grahamhughes]

You can just create a random number, and use that.

PHP Code:

private static long getIdentifier() throws Exception {
    long id;
    try {
        RecordStore rs = RecordStore.openRecordStore(ID_RECORD_STORE, true);
        try {
            if (rs.getNumRecords() == 1) {
                // read existing ID
                byte[] b = rs.getRecord(1);
                id = 0;
                for (int i = 0; i < b.length; i++) {
                    id <<= 8;
                    id |= (b[i] & 0xff);
                }
            } else {
                // first execution: create ID
                id = new Random().nextLong();
                long temp = id;
                byte[] b = new byte[8];
                for (int i = 0; i < b.length; i++) {
                    b[i] = (byte) (temp >> 56);
                    temp <<= 8;
                }
                rs.addRecord(b, 0, b.length);
            }
        } finally {
            rs.closeRecordStore();
        }
    } catch (Exception e) {
        throw new Exception("cannot get identifier: " + e);
    }
    return id;
} 


Since many devices will not allow access to RMS files, it is very difficult to lift the application from one phone, put it on another, and still have the same ID number. Effectively, the random number becomes a unique ID for that device.

Graham.

[stevejanko]

Thanx Steve for your reply but will all sets allow me to get their blue tooth id using j2me ?

You should be able to get the BT Address from any device that supports jsr-82. See getLocalDevice().

Steve