SOFTWARE LICENSING PROTECTION
Software License Protection Dongles -
The Smarter way to protect your software
Software Licensing protection
Secured,Assured & Dependable
It is essential for software developers to have software licensing protection to protect their software’s intellectual property from reverse engineering or piracy. Securemetric offers a series of durable and software-developer-friendly licensing protection producst. You can rely on our advance anti-tracking and license defense features that will ensure only your customers can access your software.
SecureDongle
SecureDongle X
Software Licensing Assessment
SecureDongle
SecureDongle
SecureDongle was built based on advanced microprocessor smart chips which have been certified by EAL4+ and ITSEC. The smart chip based hardware architecture ensures complete protection against the risks of Dongle hardware being cloned or duplicated. In addition to hardware advantages, SecureDongle was also built with user friendly interfaces on its bundled firmware and utilities.

Key Features:
Non-Smart Chip Based
Commonly based on a typical low cost EEPROM where the main protection algorithms rely more on the firmware that are bundle together rather than on the hardware. This type of hardware architecture can easily be duplicated by most Dongle Duplication Experts
Self Definable Security Algorithms
Up to 128 self definable security algorithms that will be executed on-board when called by protected software which will then be authenticated using the popular Challenge Response Authentication to maximize the security level of the protection
Smart Chip Based
Advanced EAL4+ and ITSEC certified microprocessor smart chips enable the algorithm’s execution and on board seed code generation. Microprocessor smart chips also prevent hardware cloning and duplication attacks.
Multi Levels Access Right Management
Supports multi level access right management to facilitate different access rights for the development team.
HID Driverless
As HID driverless, SecureDongle requires no external device driver installation, thus minimizing the common technical issue arise from device driver. No driver is required. As long as a USB thumb drive is compatible with the computer, so does SecureDonglel
User-define security password
Supports on-board seed code and random number generation which developer can apply into their protection to strengthen the security and to make the protection more complicated to crack.
Secure Communication
SecureDongle is built also with advanced encryption/decryption on communication between firmware and hardware to prevent debugging and emulator attacks.

SecureDongle Brochure
Smarter way to protect your sfotware!
SecureDongle X
SecureDongle X
SecureDongle X is built on the most cost-effective secure EEPROM together simple Plug & Play HID USB platform that is Xtremely simple to implement, even a new dongle user can master it within very little learning effort. It does not offer many of the advanced software protection methods but it can be the perfect choice for mass software developers who want simple protection without a heavy price.

Key Features:
Human Interface Device
Comprises a simple plug & play driverless USB dongle. If your USB thumb drive can work on one computer system, so can SecureDongle X. –
Large Memory
SecureDongle X has built-in 2,560 bytes (i.e. divided into five blocks of 512 bytes each) internal memory which can be used as external table for some licensing data.
Unique Identifier
Each SecureDongle X comes with a 32-bit Hardware ID with its globally unique identifier that is burnt into the One-Time-Write-Only chip – so secure that even its manufacturer will not be able to ammend it
Changeable Password
SecureDongle X comes with 32-bit UID (i.e. password to access the dongle) that can be regenerated with the provided initialisation tool with upto 64-byte Seed Code (i.e. the ‘secret’ that the dongle owner keeps in order to generate his/her UID).
Enhanced Security
For extra security, SecureDongle X comes with built in support for 2048-bit RSA encryption to ensure the data stored inside the internal memory can be securely protected
Comprehensive Software Development Kit
SecureDongle X comes witha comprehensive, yet developer-friendly SDK, even a fresh dongle user can master it with very little learning effort.
Secure Communication
SecureDongle is built also with advanced encryption/decryption on communication between firmware and hardware to prevent debugging and emulator attacks.

SecureDongle Brochure
Smarter way to protect your sfotware!
Software Licensing Assessment
Software Licensing Assessment
SecureMetric offers independent evaluation of software licensing protection to assist our clients to ensure they apply the right licensing protection approach before releasing their software products to the market. The scope of evaluation cover from auditing the protection mechanism and point of integration follow by software penetration test and white hat hacking. Security issues that uncovers will be reported to the client with highlighted potential impact with suggested countermeasures.

Key Features:
*Common Criteria EAL4+ certified
*Used in many WebTrust, CWA 14167 and eIDAS audited installations
*Integrity protected audit log (log signing), with digital signature or HMAC protection
*Full database integrity protection of all tables, to detect database manipulation
*Command line tool for verification of audit and database integrity protection
*Validation tool for conformance checking of certificates and OCSP responders
*EAC PKI (EAC 1.11 and 2.10) for ePassports and eIDs, Country Verifying CA (CVCA) and Document Verifiers (DV) issuing Inspection System (IS) certificates
*Certified access control and authorization module, for assurance and high trust role separation
*3GPP, i.e. LTE/4G, compatible PKI, using CMP with multiple Vendor CAs and vendor certificate authentication
*CMP Proxy to add an additional network layer, with message check, between the CA and CMP clients
*Command line CMP client in Java useful for scripting, testing and prototyping
*SCEP RA mode, using SCEP controlling entity creation from an RA
*SCEP Client Certificate Renewal, allowing client certificate renewal using SCEP
*Certificate Transparency, RFC6962
*CertSafe publisher to send, and revoke, certificates from a CertSafe server
*Peer Connectors for managing Peer Systems, such as OCSP Responders
*Direct Validation Authority (OCSP responder) updates from CA to VA. Ideal for low latency revocation and white listing
*External RA with a polling model for RA to CA communication, for high security environments. Ability to run the RA web UI in polling mode
*Create Crypto Tokens and CAs, generate keys and add and remove administrators through the Web Service API
*EV Certificate specific DN components as defined in CABForum guidelines (jurisdictionLocality, State and Country).
*eIDAS specific fields as defined in ETSI EN 319 412 (organizationIdentifier)
*Additional algorithms using HSMs through PKCS#11, RSASSA-PSS (SHA256WithRSAAndMGF1). Available through patches for Java
*Support for Native MS Autoenrollment in Windows environment with add-on autoenrollment proxy module
*Support for GOST and DSTU algorithms (Russian and Ukrainian algorithms)
*Penetration tested with improved security
*Used in many WebTrust, CWA 14167 and eIDAS audited installations
*Integrity protected audit log (log signing), with digital signature or HMAC protection
*Full database integrity protection of all tables, to detect database manipulation
*Command line tool for verification of audit and database integrity protection
*Validation tool for conformance checking of certificates and OCSP responders
*EAC PKI (EAC 1.11 and 2.10) for ePassports and eIDs, Country Verifying CA (CVCA) and Document Verifiers (DV) issuing Inspection System (IS) certificates
*Certified access control and authorization module, for assurance and high trust role separation
*3GPP, i.e. LTE/4G, compatible PKI, using CMP with multiple Vendor CAs and vendor certificate authentication
*CMP Proxy to add an additional network layer, with message check, between the CA and CMP clients
*Command line CMP client in Java useful for scripting, testing and prototyping
*SCEP RA mode, using SCEP controlling entity creation from an RA
*SCEP Client Certificate Renewal, allowing client certificate renewal using SCEP
*Certificate Transparency, RFC6962
*CertSafe publisher to send, and revoke, certificates from a CertSafe server
*Peer Connectors for managing Peer Systems, such as OCSP Responders
*Direct Validation Authority (OCSP responder) updates from CA to VA. Ideal for low latency revocation and white listing
*External RA with a polling model for RA to CA communication, for high security environments. Ability to run the RA web UI in polling mode
*Create Crypto Tokens and CAs, generate keys and add and remove administrators through the Web Service API
*EV Certificate specific DN components as defined in CABForum guidelines (jurisdictionLocality, State and Country).
*eIDAS specific fields as defined in ETSI EN 319 412 (organizationIdentifier)
*Additional algorithms using HSMs through PKCS#11, RSASSA-PSS (SHA256WithRSAAndMGF1). Available through patches for Java
*Support for Native MS Autoenrollment in Windows environment with add-on autoenrollment proxy module
*Support for GOST and DSTU algorithms (Russian and Ukrainian algorithms)
*Penetration tested with improved security
-Non-Smart Chip Based
Commonly based on a typical low cost EEPROM where the main protection algorithms rely more on the firmware that are bundle together rather than on the hardware. This type of hardware architecture can easily be duplicated by most Dongle Duplication Experts
-Self Definable Security Algorithms
Up to 128 self definable security algorithms that will be executed on-board when called by protected software which will then be authenticated using the popular Challenge Response Authentication to maximize the security level of the protection.
-Smart Chip Based
Advanced EAL4+ and ITSEC certified microprocessor smart chips enable the algorithm’s execution and on board seed code generation. Microprocessor smart chips also prevent hardware cloning and duplication attacks.
-Multi Levels Access Right Management
Supports multi level access right management to facilitate different access rights for the development team.
-HID Driverless
As HID driverless, SecureDongle requires no external device driver installation, thus minimizing the common technical issue arise from device driver. No driver is required. As long as a USB thumb drive is compatible with
-User-define security password
Supports on-board seed code and random number generation which developer can apply into their protection to strengthen the security and to make the protection more complicated to crack.
-Secure Communication
SecureDongle is built also with advanced encryption/decryption on communication between firmware and hardware to prevent debugging and emulator attacks.

SecureDongle Brochure
Smarter way to protect your sfotware!
1
%
of software installed on PCs around the world in 2015 were not properly licensed (a decrease from 43% in BSA’s previous global study published in 2014)
1
%
worldwide rate of unlicensed use in banking, insurance and securities industries (despite the fact that much tighter control of the digital environment is expected)
1
billion
The commercial value of unlicensed software worldwide plunged (BSA’s 2014 report cited commercial value of $62.7 billion)

Case Studies
PrimeKey Solution AB Implements Government PKI
EJBCA is the most downloaded open source PKI soOware in the world with more than 250,000 downloads since it started, in addition PrimeKey has successfully implemented of national level and enterprise level PKI projects which…
Ministry of Finance (MOF), Malaysia
There are many division under Ministry of Finance Malaysia, all division having their own responsibility and roles to achieve the vision and objectives.
Customised PKI Token to Commerce Dot Com
ePerolehan is the electronic procurement system to enable Malaysian Government agencies nationwide to procure goods and services from their suppliers electronically and transparently.
Lazada Group, From EJBCA Community to PKl-ln-A-Box
As the number one online shopping and selling platform in Southeast Asia, Lazada has long recognized the importance of adopting PKI to secure their infrastructure. PKI has been implemented across many mission critical applications across…
Advanced Science and Technology Institute
In line with improving and institutionalizing egovernment services, the Philippine government embarked on a mission to PKI enable the whole country with a focus on a few crucial government agencies such as the Bureau of…