Key generation system / selling your games

#1 If you publish through the GG store, we have a key/ignition system we can provide. Is that what you were asking about?

#2 Thanks Michael,

No:

What if I want to publish my self?

And what if I want to publish in other sites?

I'm asking for precise steps to protect the game and generate keys for the game. Are we talking about an external tool? About C++? About modifications in the source code? About a resource? About something impossible for a middle experienced programmer rather than an expert?

Thanks

#3 @Isaac - Ah. I see now.

There are soooo many different ways to copy protect your game and its assets. You can find a few free resources here on our site, submitted by community members, that help you zip and encrypt your assets.

Some 3rd party solutions can protect your game via serial keys and encryption. What I'm getting at is there are a ton of different options, it just depends on what level of security you want, what you wish to protect, and what your means of distribution are.

#4 I think what he's asking about is an "unlock" system so you can provide a demo of your game (limited levels, limited time period), and the player has to purchase the game and receive the registration key before they can continue playing.

The issue of asset protection/encryption is also of interest, but not my main interpretation of the question (based on the requirement to "generate keys").

#5 @ Shaz,

Yes, what you are thinking is correct.

What I need is the tutorial/steps to achieve that and grant a full version of the game in demo mode; once a player purchase it he will receive a key to unlock the demo to a full version.

I have searched the site, but can't find what I'm looking for. I think search tool in this forums is not always reflecting what you are looking for.

So if somebody already has do and knows the "how to" it will be great to know about it and the procedure to convert an unprotected game in a demo game.

Isaac

#6 Just out of curiosity: What platforms are the Ignition system available on?

There's a reason many indies use third-party solutions for software activation, and many of them are also tied to a storefront. GG's system is one eSellerate is another I occasionally see (Mac and Windows SDK). Steam supposedly has a system you can use independently, without having to sell your product through them (this may or may not be an excellent solution, depending on your views on Steam).

#7 I wrote a custom one (as Isaac knows). It's super simple and not exactly hack proof, but it gets the job done. I've been thinking about doing a blog post for how to do it... but it requires some additions to the C++. I haven't looked into doing one script-only.

#8 Please do make a blog post. I imagine a number of people would be extremely interested in how you've approached the issue. Whether it's something people want to imitate exactly, or get ideas and make their own adjustments (even via script), it's certainly of interest to anyone considering selling their games.

#9 Chris, that sounds interesting. I think it would be great to see such a resource :)

#10 Just remember, the more effort you put into preventing piracy the exponential reduction of return on investment. You can go with ludicrous control, but if it only grants less than single-digit percentile piracy reduction, was it worth the effort? Also remember that the more control you put into the game, the more inconvenient it is to your customers. See: Spore DRM.

With everyone in the world going apeshit over IP right now, the valid consumer is feeling more and more like a criminal in the eyes of the developers they want to support. So try and restrict the inconvenience on those who want to buy your product.

www.xkcd.com/488/

www.puppygames.net/blog/?p=87

On the otherhand, not being vigilant and making sure what control you put in place is solid, you're also have low RoI if the system is easily defeated by a simple patch or tool. If we are talking a simple bit flip on the client side, no amount of internet-based authentication will prevent that control from being circumvented.

And the "call home" controls that check on every start or every x number of starts are just annoying for people who want to play in a disconnected state. Especially if you're game has no online content...

CD/DVD checking is kinda silly too if the product doesn't need content from the disk. And given the current size of HDD's and the limted capacity of DVD's, this scenario probably doesn't exist validly anyway...

A cool registration that I see common in commercial software that doesn't have a high distribution rate is custom compiled binaries with unique signatures to each binary. As a consumer, you aren't impacted at all as you can install and go. No keys to fuss with either. But as a vendor, when you see your product pop up on bit torrent or whatnot, you can track the hash of the binary back to a specific user. Certainly this system isn't perfect as the pirate can modify the binary prior to distribution so that it does not have a valid signature. But I don't think this method is any less effective than anything else I've seen and reduces the impact on the valid user.

#11 I don't want to protect againts piracy, I just want to establish a system to be able to sell it using a key system just in case a publisher doesn't take the game. I guess that if a publisher took the game they have an in-house protection system.

That's it, and I don't have the knowledge, so if somebody, like Chris, has such system it will be great to know about the steps to achieve this goal. I know that several people can make a game, just like myself, but as me, several people will don't know how to establish a key system.

Thanks

#12 Doesn't custom compiled binaries mean a lot of work for you? Do you actually mean you have to compile a version for EVERY game that's downloaded, or is there a trick to automating it? You can only track it back to a specific user if they actually purchase first and give you an email address - if they've downloaded a demo and distribute that, as far as I can see, there's no way to determine where it started.

I AM interested in protecting against piracy, but only to the point of requiring customers to enter a key to activate their game - once - and turn off the most casual pirates. This should be a little bit of work to "encourage" people to buy, who would likely buy anyway if a cracked version wasn't so easy to get hold of.

#13 Well what I've got isn't anything over the top. Basically, you download the game and it comes in "demo" mode. You can go online and pay on my site. A key gets generated and emailed to you. You can use that key to activate the full features in the game. Voila. Five activations are allowed. (Or I can disable that limit.)

Just to make sure one person doesn't buy the game and upload it for others to play for free, I added in an extra little C++ function. It reads your computer name. So if the computer name changes, you have to activate again. It should be a MAC address or hard disk ID or something, but computer name was easy. I figure if people are so desperate for a free copy of Mini Chess that they'll change their computer name, then it's free for them. ;)

#14 So is the key the same for everyone, or do you have a different key for each user?

#15 It's a different key per user. It goes something like this:

1- User downloads game, plays it in demo mode
2- User likes it and goes to xenoclone.com to pay for it (via Plimus)
3- Plimus uses a custom http-request to a key generation site; key is guaranteed unique
4- Key is emailed to user
5- User enters key into demo game's activation prompt
6- Game uses http connection to verify key is valid
7- If key is valid, demo is unlocked into full version of the game
8- In an encrypted file, the game saves that it has been activated, its key, and the name of the computer it is on

And that's it!

#16 Ah, thanks. #6 fills in a blank spot for me :)

#17 Sounds like a simple loopback proxy should circumvent that system. Hopefully the service isn't too expensive.

#18 @Brian: It's by no means a sophisticated protection system. But it's free, since I already had the web hosting, and I'm the one who developed it. ;)

#19 The method exposed here its pretty much valid, and will shoo away the casual pirate, but one a lil more dedicated will certainly circumvent that protection in minutes... i know i did it about 10 years ago with a WildTangent game (a single bitflip somewhere and that was all i had to do).

today, while piracy is a concern for me, unless you put some encryption in place and some clever tricks here and there (that doesnt get annoying for the end user), no method will prevent your game from appearing in torrent places anytime soon.

but yeah, storing certain data on a crypted file, and tying the game to a machine (or two) is somehow the way to go.

it can get "annoying" for the dev. or vendor to have to activate a user a couple times, but it may payoff for the dev. in the long run.

#20 I really do appreciate the efforts people put into protection systems. I've just been around long enough to know that ALL of them get broken. Certainly put a system in if it's cost effective and doesn't make your users feel like criminals. But when it comes down to it, your gonna have unauthorized replication and distribution.

Look at the 2D Boy guys who made World of Goo. Their estimates suspect ~90% piracy rate, yet they aren't getting poorer. I read somewhere that Zuma from Pop Cap was at a rediculously high piracy rate as well, yet they built a solid indie shop off of it's sales. Look at the early FPS titles like Wolfenstein 3D and Doom whose piracy rates have yet to be seen by any other title since. I wonder what ever became of that company...

Piracy will happen. Do what you can to stop it without inconveniency the customer. Adding value to the product is often a great anti-piracy step as well. Be it bundled tangible items, or valid online content (community, multiplayer, high-scores, online-only content, etc).