29 Jul 2010 20:32
Google has added a licensing server to the Android Marketplace which will allow an app to verify whether the user has purchased it or not before opening.
In order to use the new service an app must be sold through Google's Android Market store and be on a device running Android 1.5 or later which also has the Market app installed. Free apps can't make use of the service.
Communication with the licensing server will be done exclusively by the Market app itself using RSA public-key encryption.
This is intended to replace the current copy protection scheme, which has been widely criticized by both developers and consumers. Under the old system, an app compiled as copy protected can't be downloaded from the Market by anyone using a phone which has been rooted or is even just running a custom ROM instead of the OS provided by the manufacturer.
This often leads to frustration for consumers who wished to purchase these apps in the Market, but is easily circumvented by anyone who downloads an unauthorized copy of such an app. In other words it's only effective against people who want to pay, not those who want to pirate.
While apps can be written to handle the response from the licensing server in any way the developer desires, Google is providing two preconfigured implementations.
Both will stop an app from running if the server doesn't verify the app's licens, but one will use a cached response from the last time the app was run if no connection to the Market is available. The other will only allow the app to start if the server is available to verify the license.