How to protect an Android App developed in Xamarin with QLM

QLM can protect .NET / Xamarin applications running on Android devices with permanent, trial and device bound keys.

A .NET library (source code included) exposes an API that enables you to provide your customers with an evaluation of your software and then turn it at anytime into a permanent license, or simply extend it for subscription based applications.

The .NET library along with a sample applications are provided in the following QLM Pro samples folder:

        %Public%\documents\quick license manager\samples\qlmenterprise\Android\DotNet\QlmDotNetAndroidSample

The sample contains 3 project: QlmMonoAndroidLib, QlmXamLicenseLiband QlmDotNetAndroidSample

QlmMonoAndroidLib is the library that contains .NET Mono classes required for  decrypting license information sent by the QLM web service.

QlmXamLicenseLib is the library that performs the license validation, activation, decryption, etc. You typically do not need to change any code in this package. The QlmLicense class in this package is the main class you need to interfact with. The most common methods of this class are document in the help under "Quick License Manager Enterprise / Non-Windows Platforms / Mobile Devices API".

QlmDotNetAndroidSample simulates your application. When the application is launched, the application attemps to retrieve a stored license on the device to validate it. If no key was ever activated, the user is prompted to enter an Activation Key and activate it.

Use the QLM Pro Application to create an Activation Key from the Manage Keys tab. Note that activation keys can be created from your server using our API or directly from one of the ecommerce provider integrated with QLM. For a full list of ecommerce providers integrated with QLM, check the help or our web site.

Once the user enters the Activation Key, you call the QlmLicense.ActivateLicense method. If activation is successful, digitally signed license information is stored on the device. QLM uses RSA asymmetric encryption to store license information on the device. The RSA public/private key pair is automatically generated by QLM when you define a product in the QLM Application Define Products page. The keys are displayed on the Encryption Keys tab / Mobile Devices Encryption.

Note that the encrypted data stored on the device is signed on the QLM server using the RSA private key and verified on the device using the RSA public key.

In the QlmDotNetAndroidSample application, the RSA public key is stored in a file called QlmPublicKey.xml. In your own application, it is recommended that you hard code the public key in your code rather than store it in an external file.

In the event a client does not have an internet connection to activate a license online, you can perform an offline activation as described below:

• In the QLM applicatinon, under the Manage Keys tab, locate and select the license to activate.
• Click on the Activate button.
• Fill in the Computer ID field on the Activation tab along with other fields as required.
• Click on the Advanced tab.
• Select a location where you would like to store a license file then click Ok.
• Send the generated license file to your customer and ask them to copy it to the folder where your application expects the license file to be located.