Licensing Service Technology Highlights
July 27th, 2010 | Published in Google Android
We’ve just announced the introduction of a licensing server for Android Market. This should address one of the concerns we’ve heard repeatedly from the Android developer community.
The impact and intent, as outlined in the announcement, are straightforward. If you want to enable your app to use the licensing server, there’s no substitute for reading the authoritative documentation: Licensing Your Applications. Here are some technical highlights.
-
This capability has been in the Android Market client app since 1.5, so you don’t have to be running the latest Android flavor to use it.
-
It’s secure, based on a public/private key pair. Your requests to the server are signed with the public key and the responses from the server with the private key. There’s one key pair per publisher account.
-
Your app doesn’t talk directly to the licensing server; it IPCs to the Android Market client, which in turn takes care of talking to the server.
-
There’s a substantial tool-set that will ship with the SDK, the License Verification Library (LVL). It provides straightforward entry points for querying the server and handling results. Also, it includes modules that you can use to implement certain licensing policies that we expect to be popular.
-
LVL is provided in source form as an Android Library project. It also comes with a testing framework.
-
There’s a Web UI on the publisher-facing part of the Market’s Web site for key management; it includes setup for production and testing.
-
Obviously, you can’t call out to the server when the device is off-network. In this situation you have to decide what to do; one option is to cache licensing status, and LVL includes prebuilt modules to support that.
We think this is a major improvement over the copy-protection option we’ve offered up to this point, and look forward to feedback from developers.