12 Replies Latest reply on Nov 13, 2013 8:47 PM by philmodjunk

    Protecting your solution



      Protecting your solution


           I have designed a solution to be run on an ipad with FMGO. I can add security to stop any random logging into the solution and I can also set privileges to stop people messing with/copying the work. However, the solution can be emailed or copied to any other ipad very easily and by providing the password anyone can use it without paying. 

           Does anyone have any solution to this? I wondered if it was possible to use some kind of GET function to get specific info about the ipad (such as serial number) that could then be checked in a script and stop the logon but there is no get function for this.

           The solutions is stand alone, no server connection needed. 

           Any thoughts?

        • 1. Re: Protecting your solution

               Get( PersistentID )

          • 2. Re: Protecting your solution

                 But be aware that iOS7 introduced some issues for Get ( PersistentID ): http://forums.filemaker.com/posts/1ebde0f441?commentId=249274#249274

            • 3. Re: Protecting your solution

                   The issue was resolved in iOS7 (although it uses another source for the unique hardware ID)


              • 4. Re: Protecting your solution

                     I don't agree that it was fully resolved as is discussed in the thread that I posted a link to if you read all the way to the end. (It was started while iOS7 was in Beta but continues after the issue was "resolved".)

                     The problem that remains is that your legitimate user can now lock themselves out of your solution if they re-install FM GO. Thus, you need to be prepared for providing some additional customer care for such users if you use persistent ID to limit your solution to a single device.

                • 5. Re: Protecting your solution

                       You must provide that additional level of customer care in any event (e.g. when the user buys a new iPad or iPhone).  …and you don't have to lock them out immediately.

                  • 6. Re: Protecting your solution

                         Yep. But now the likelyhood/frequency of such has increased by a significant factor. That was my whole point in sharing that info.

                    • 7. Re: Protecting your solution

                           Thanks people, the Get Functions page I was looking at was this one


                           which is obviously out of date as it doesn't seem to have that function listed, grr

                           Anyway I have created this script which I have tested on a couple of different iPads and it appears to work as intended. What have I overlooked? Any suggestions, constructive criticism etc.

                           Obviously it only works if the solution is installed directly onto the iPad by us, since we are just a couple of guys doing some stuff for a school that is not an issue for us. It clearly would not work if we distributed the file via email or some other means.


                           if ( Protected::g_uniqueIDstored = "" )
                           set field ( Protected::g_uniqueIDstored; Get (PersistentID ))
                           Go to layout (original layout)
                           End if
                           Set Variable ( $ID; Value;Get ( PersistentID )
                           if ( $ID = Protected::g_uniqueIDstored )
                           Go to layout ( original layout )
                           Show Custom Dialog ( "This iPad does not appear to be licences etc" )
                           Exit Application
                           End if

                      • 8. Re: Protecting your solution

                             It would seem that all your user need do is install a new copy of the original file--which will not have a value in g_uniqueIDstored, and they'll be able to use it.

                             And you'll need some facility for "unlocking" the actual copy on a customer's iOS device should they have to re-install FM GO on their gadget. Doing so results in get ( persistentID ) returning a new value so they will be locked out of your solution if, for example, they have a problem with FM GO and a tech support person at FileMaker tells them to re-install FM GO on their device.... That means having a method for them to contact you with some sort of proof of purchase so that you can send them some kind of single use "key" that enables the system to reset the global field with a new value that matches that returned by the new installation of FM GO.

                        • 9. Re: Protecting your solution

                               Assuming that g_uniqueIDstored is a global field...do globals work differently in FMGo than in FMPro? 

                               Will the value in the global field persist through application close?

                          • 10. Re: Protecting your solution


                                 The value will persist. Just as it would with a single user FileMaker Pro file.

                            • 11. Re: Protecting your solution

                                   Cheers Phil, the intention is simply to connect each ipad to my MacBook to install the file. The average user/teacher is unlikely to make a copy before opening it the first time. The re-install issue is an interesting one. Presumably I could have some kind of option where the user opens a dialog box with a unique password that is already hidden in the solution. Opening that would then reset the g_uniqueID field to the current device. 


                              • 12. Re: Protecting your solution

                                     If the user 'registers' with you by entering a value derived from the original persistentID in to a different database that logs their purchase, then you can use that code to generate a new code that the FM GO solution can also produce from the same stored value based on the same PersistentID to do a one time unlock of the solution to store the new persistent ID and then update their registration with a new derived value.