Piracy concerns on Android

Mr E · 28-03-2012 12:32pm #1

I know this is probably more suited to the mobile application forum, but I decided to post here to reach a greater audience.

I've been working with a friend on an android game for the last year, and it's getting pretty close to being ready for release. What we're concerned about now is how easy it is to pirate applications on the Android. It would be devastating to see hundreds of man hours (and possible revenue) go down the tubes if the APK for the game popped up on torrents, usenet etc.

I really don't understand why Google don't somehow tie your google email address to applications that are purchased from Play (via digital signature or some other means).

I'd be interested to hear from other developers about how they protect their own software against being pirated (if they have done anything special in that regard), and what people think in general about piracy on Android. Is it just a small handful of techies that would have the know-how to install an APK manually, or is it a more widespread concern?

bandit197 · 28-03-2012 12:39pm

Keep the quality high and the price relatively low and people will buy the app before pirating it. I would imagine that the majority of lost sales due to piracy would be to users who would not buy it anyway.

srsly78 · 28-03-2012 12:40pm

The android sdk has DRM available, use it. Apps will go online (once) to check if they are authed. Apps are tied to your gmail account, as you have suggested. Also make sure code is run thru pro-guard obfuscator before release (it is by default, unless you have messed with settings). This DRM has been available for about a year now, the original android market didn't have it. A lot of the stuff on the web you might read about this is thus out of date.

But yes, you can root the phone and maybe bypass these checks. The number of people that actually do this is tiny compared to the overall market.

mathew · 28-03-2012 12:42pm

srsly78 wrote: »

The android sdk has DRM available, use it. Apps will go online (once) to check if they are authed. Apps are tied to your gmail account, as you have suggested. Also make sure code is run thru pro-guard obfuscator before release (it is by default, unless you have messed with settings). This DRM has been available for about a year now, the original android market didn't have it. A lot of the stuff on the web you might read about this is thus out of date.

But yes, you can root the phone and maybe bypass these checks. The number of people that actually do this is tiny compared to the overall market.

I find this really annoying when trying to play a game on an airplane. Any of the games that have DRM can't be palyed because they can't get online to check.

srsly78 · 28-03-2012 12:43pm

The "normal" market DRM only checks the first time after installation or update. So just make sure your games are "activated" before you get on plane.

Anything more than that is 3rd party drm added by the developer, and we should all complain about it to them.

Professey Chin · 28-03-2012 12:43pm

The Android Market has had an anti-piracy system available for a good while now (heres the original post about it)
Piracy on android is a problem but I really have no idea as to how widespread it is. A lot of would be down to the same as music(but with less people obviously).
Most people wouldnt give it a second thought but when they buy a new phone theres always 1 or 2 people telling them "Go to this site and you can get the apps free". The fact you can't buy vouchers like you can for iTunes or charge to your bill (although apparently T-Mobile in the UK can now) doesnt help with this either but with everything coming under the Play banner hopefully thats in the pipeline.
In short I think its a problem but it can be dialled back with simple things like pre-paid vouchers.

Professey Chin · 28-03-2012 12:43pm

srsly78 wrote: »

The "normal" market DRM only checks the first time after installation or update. So just make sure your games are "activated" before you get on plane.

Anything more than that is 3rd party drm added by the developer.

usually EA -_-

Mr E · 28-03-2012 1:15pm

Is it not true that even if the code is obfuscated, someone with basic programming knowledge could decompile the APK and remove the call to the licensing server?

srsly78 · 28-03-2012 1:22pm

It's technically true that any program can be decompiled. In reality it's really difficult tho. Whenever a new update comes along all that work would have to be done again. Good developers release lots of updates for their apps adding new features, this also makes pirates lives more difficult.

With a rooted phone there is no way to stop piracy (except for online games ofc), only to make it annoyingly difficult. This applies to the iphone as well.

Professey Chin · 28-03-2012 1:31pm

I wouldnt have thought rooting has anything to do with it since the unknown sources option is an always available checkbox

ED E · 28-03-2012 1:40pm

As above, good game low price and people will buy it.

If people want to crack it they will, there's nothing you can do. If multi-million dollar titles can be up on trackers within hours of release there's no way you can prevent it.

Atomic Pineapple · 28-03-2012 2:01pm

The Great Chinholio wrote: »

I wouldnt have thought rooting has anything to do with it since the unknown sources option is an always available checkbox

To get at the APK in the first place, a device must be rooted to allow someone access to it and then decompile it.

If your really worried just put in your own license check, but don't force users to be online every time they want to use the app. For example use the AlarmManager to schedule a license check to your server every X number of days, if the license check can't authenticate then add a back off period, so the user can still use the app but your license check will run again in a shorter period of time. Do this 3 times say and after the third attempt let the user know they must authenticate within 24 hours to continue using the app.

Professey Chin · 28-03-2012 2:04pm

draffodx wrote: »

To get at the APK in the first place, a device must be rooted to allow someone access to it and then decompile it.

Makes sense. I was only thinking from the users side

Star Lord · 28-03-2012 3:28pm

srsly78 wrote: »

The "normal" market DRM only checks the first time after installation or update. So just make sure your games are "activated" before you get on plane.

Anything more than that is 3rd party drm added by the developer, and we should all complain about it to them.

Unless people have firewall apps installed that prevent them from getting unwanted internet access.

Seriously, most of the people that pirate apps wouldn't buy it in the first place, and some of those that do will do so to try it, and may purchase after that.

srsly78 · 28-03-2012 3:37pm

Blocking google market with a firewall is probably not the best idea if you want your stuff to work :pac:

Star Lord · 29-03-2012 8:51am

I mean the apps themselves, not the market!
There's an increasing number of apps that do not need Internet access to function that 'dial home' before they'll let you use them at all.

srsly78 · 29-03-2012 9:37am

I think it's the market that does the normal drm check... not sure tho.

Piracy concerns on Android

Comments