Michael Cheung
Feb 08, 2018
1:47 am


I'm looking through the Knox SDK sample, and a comment on the ActivateLicense() method says:

"Note that embedding your license key in code is unsafe and is done here for demonstration purposes only."

What is the recommended / safe way of retrieving the license key for activation?

Samuel Goldwax
Feb 08, 2018
5:33 pm

Hi Michael,

There are lots of ways that you can secure your license key, such as requesting it from a server, using Android NDK, etc. The main thing is to not leave it hard coded in the application, as it can be decompiled and compromised.




Just to be a little paranoid/contrary here, even if you use the NDK, it could be disassembled, and server requests could be attacked with things like KRACK.  Are there any options for the unnecessarily paranoid/overprotective?  Does the license key absolutely have to make its way onto the device itself in order for activation to occur?

Michael CheungFeb 08, 2018 at 7:24 pm