Article

PACE Anti-Piracy Raises the Bar in White-Box Encryption Protection for Bank, PSP, and Payment Scheme Applications

March 1, 2022

Next-gen ‘White-Box Works’ code generator launches complete with EMVCo Software-Based Mobile Payment security evaluation certificate

1st March 2022 - San Jose, California - Banks, payment service providers (PSPs), schemes, and other financial institutions can now benefit from a uniquely high level of sensitive data protection and application attack resistance, following today’s launch of White-Box Works, a next-generation EMVCo-evaluated White-Box code generator, from PACE Anti-Piracy. 

Unlike traditional solutions, White-Box Works gives the customer complete, independent control over their protected code, ensuring their encryption keys and proprietary algorithms never leave the customer’s premises. White-Box Works can transform any C-code into a protected white-box variant in a single step, offering unparalleled flexibility, security, and efficiency.

This level of in-house control also promises to increase operational efficiency for the customer, since they are no longer beholden to a white-box library vendor’s build schedule and can develop their application in accordance with their internal schedules. It also enables the customer to use, replace and update their deployed encryption keys and algorithms at will, with no need to re-engage PACE Anti-Piracy, or any other third-party vendor, to do so. 

White-Box Works has been designed to defeat a variety of sophisticated attacks, including those involving reverse engineering, fault injection, and advanced statistical analysis (such as Differential Computation Analysis).

White-Box Works outputs code that has been designed to defeat a range of attacks to which many encryption-dependent financial apps remain vulnerable, including, for example, those supporting mobile payments, digital identity, self-service retail, and softPOS use-cases. 

White-Box Works has also achieved an EMVCo Software-Based Mobile Payment (SBMP) security evaluation certificate, following a successful EMVCo SBMP Evaluation conducted by global security lab, Riscure. 

“Statistical Analysis attacks are the bane of all white-box encryption protection solutions,” comments Allen Cronce, CEO of PACE Anti-Piracy, Inc. “We are very proud to be equipping the financial services industry with a solution capable of addressing these and other vulnerabilities. White-Box Works represents a significant step forward in the encryption protection space, and will give banks, PSPs, schemes, and other financial sector users greater confidence in the security of their sensitive data. We’re also delighted to accompany the launch with news of White-Box Works’ EMVCo SBMP evaluation certificate and are grateful to Riscure’s talented penetration testers. The entire Riscure team has been a pleasure to work with throughout the rigorous EMVCo evaluation process.”

“Riscure is proud to have assisted PACE Anti-Piracy in achieving an EMVCo SBMP evaluation certificate for White-Box Works,” adds Maarten Bron, Managing Director of Riscure North America. “This innovative technology provides a unique security capability for solution developers as it supports the creation of white-box instances for any algorithm, allowing for optimal flexibility and developer freedom when the protection of cryptographic keys is vital. This makes White-Box Works not only useful in payments, but also in other fields such as digital rights management, eHealth, IoT, automotive and more.” 

“It's also noteworthy that White-Box Works was evaluated as a stand-alone technology and did not require the additional protection of binary hardening and tamper-proofing technology to receive an EMVCo security evaluation certificate,” adds Allen Cronce. “I believe this is another industry first for White-Box Works. It’s an unmatched achievement we are immensely proud to highlight.”

White-Box Works is available now. For more information, please visit our White-Box Works webpage or contact PACE Anti-Piracy at [email protected]

About PACE Anti-Piracy, Inc.

PACE Anti-Piracy, Inc. is a privately held company based in San Jose, California. Since 1985, PACE has provided software publishers and distributors with high-quality solutions for secure software distribution. PACE products are used by a growing number of world-class software publishers around the world.

www.paceap.com 

About Riscure

Founded in 2001, Riscure is a leading global advisor on the security of connected and IoT devices, as well as a recognized vendor of advanced security testing tools and security training. Riscure helps customers around the world to build robust hardware and software solutions and to speed up the process of secure development and certification. Riscure is the thought leader in Mobile Security and has been the front runner on security analysis of White-box Cryptographic implementations since 2012.
www.riscure.com

Articles

More articles you may be interested in:
Customer Success Story: Freehand Graphics

Home-grown Licensing vs. Professional Licensing: A Boomerang Story |

Freehand Graphics is a global leader in software solutions for the screen-printing industry. Some of their software, notably Separation Studio NXT and AccuRIP Emerald, makes pre-press functions, like color separation, a simple and easy process for their customers.

Some History

As art students living in New York City, Charlie and Laura Facini were interested in making a career in the arts. Charlie was interested in printmaking and took a part-time job at a screen-printing shop to earn some extra money. Technology was quickly changing during this time, and screen printing was beginning to transition from a completely manual process to digitization. The industry was changing, and Charlie was at the forefront. While working daily to process orders, manually adjusting colors and specs, Charlie realized that parts of the screen-printing process were extremely time-consuming and error-prone. He decided to embrace the innovation that was happening around him with computers and technology and write a computer program to optimize the process.

Charlie wrote a program that would ultimately revolutionize screen-printing. What would normally take 3 labor-intensive days of work, Charlie’s program allowed to be done in less than an hour. Having discovered such a time-saving and efficient tool, Charlie’s screen-printing shop (which he now owned with his wife Laura) was able to process more orders and ultimately make more money. The next step – could he sell this program to other screen-printing shops?

Freehand and PACE Anti-Piracy

In 1995, Freehand sought a way to distribute its software securely with a licensing system. PACE helped Freehand set up a secure licensing model that allowed customers to try the software, and later to buy it. The ability to ‘wrap’ their code with PACE’s unique architecture gave Freehand the security and flexibility it needed for trial extensions, ensuring prospects had enough time to evaluate the product and eventually buy.

In 2007, after joining forces with a new developer, Freehand decided to move toward a home-grown licensing model and no longer use PACE. 

Why Turn Back to PACE Anti-Piracy?

A shortfall of the home-grown licensing system was the lack of a robust license control center. With limited ability to help clients activate or deactivate software in response to local hardware issues, Freehand actively looked to improve the UX and to enhance customer service. 

Free trials are at the core of many software sales strategies. For Freehand Graphics, nearly all sales are preceded by an 8-day trial. One drawback to the home-grown licensing system was that when a potential customer downloaded the trial, Freehand couldn't easily turn off access once the trial was over. People evaluating the software could, in some cases, still have access even though their trial period was over.   

Freehand Graphics also offered a ‘chargeback guarantee’ – allowing customers who purchased their products to get their money back if they were not satisfied. Although a rare occurrence, when a customer did ask for a chargeback, there wasn’t an easy way to completely turn off access. A customer chargeback should have triggered the end of the license use, but the system in place did not offer that ability. 

Finally, in 2019 Freehand decided to move from perpetual licenses to a subscription model. The need to make this change stemmed from a goal to create more features and a better user experience for customers. Charlie added “Perpetual is an ugly word when you are trying to create recurring revenue for a software product.” It was this decision that ultimately brought them back to PACE.

"With PACE, clients in good standing continue to benefit from using Freehand software, while those without an active license no longer have access. Freehand benefits from knowing that software activated means profits retained, while users enjoy the freedom and power of 24/7/365 web-based license controls."

Updating Meant Upgrading

The return to PACE Licensing not only helped Freehand’s new business model create recurring revenue and growth, but it also resulted in a better experience for their end-users. PACE iLok License Manager delivered a better UX for end-users, who are now more self-sufficient. This has resulted in a significant decrease in some support requests and eliminated other support issues altogether. This, in turn, has allowed Freehand to focus more on product and development.

Conclusion

When asked what role professional security and licensing have on Freehand Graphics, Charlie Facini responded

“Without question, our products would not exist in this form in a digital age. It is impossible. You can’t let someone trial software without security, you can’t sell without security. Without proper security, you have an open-ended sale. PACE Anti-Piracy gave us something we never had in the past... mental security.”


For more information on how PACE Anti-Piracy can help with your licensing needs, contact us!

Read More
Vienna Symphonic Library (VSL) Switches to iLok

PACE Anti-Piracy, Inc. is proud to announce that Vienna Symphonic Library is now offering iLok USB and iLok Cloud compatible licenses for their entire product line. In an announcement earlier today, VSL's press release stated "We’re excited to enter a new era of easy installation procedures, license management, and using our products with or without a physical USB key!"

Along with new iLok compatible licenses, VSL has created an application called Vienna Assistant, to aid in the download and installation process. As VSL states "we’ve streamlined the entire process from purchasing to playing so you can focus on what really matters, your music!" To celebrate the switch, VSL is offering store-wide discounts on all of their products!

Derek Heimlich, Director of Sales, Pro Audio, at PACE Anti-Piracy stated "We are proud to be working with Vienna Symphonic Library. They are known throughout the industry for their excellent products, and we are happy to help protect their products while enabling their customers to fulfill their artistic endeavors."

For videos, instructions, and more details on VSL's switch to iLok, read their full article here.

About Vienna Symphonic Library GmbH

VSL is one of the leading developers of sample libraries and music production software for classical orchestral music. The Vienna Symphonic Library provides digital samples of solo voices and instruments as well as orchestral ensembles. The VSL software acts as an interface for the music composer to play the real instruments on a MIDI keyboard. Hans Zimmer, Danny Elfman, Lenny Kravitz, Beyoncé, and Justin Timberlake are all VSL users.

Read More
PACE Anti-Piracy Announces End-to-End Robust Anti-Tamper Support for Apple Silicon

PACE Anti-Piracy Inc., is pleased to announce full Native Apple Silicon support. After significant development and rigorous testing, iLok copy protection tools are now fully Apple Silicon compatible. The latest license support software update now includes full M1 support, along with existing support for Intel-based Mac OS systems. This release enables plug-in makers and publishers to update their products that have native M1 support with full license protection.

“We knew our publishers were keen on taking advantage of M1 Pro and M1 Pro Max devices and its impact on the creative community and their workflows. This was a top priority for our engineering team - and it was a big job. We are really happy about this release.” said Allen Cronce, CEO PACE Anti-Piracy, regarding the announcement.

In addition, if you are using iLok License Manager version 5.5 or newer, you can now request a machine activation reset from within iLok License Manager. The publisher will still need to approve the request.

iLok is part of the PACE Anti-Piracy licensing platform which enables publishers to distribute their licenses securely via cloud, machine, or iLok hardware. Secure license distribution also requires different layers of protection, including a high security tamper-protection solution called Fusion. The work surrounding Fusion was very complex and required significant changes at the OS Level.

About PACE Anti-Piracy

PACE Anti-Piracy Inc., is an industry leader in providing robust software copy protection and flexible license management services, is a privately held company based in Silicon Valley, California. Since 1985, PACE has provided software publishers and distributors with easy-to-use high-quality solutions for anti-piracy protection and secure software distribution. PACE's products and services are used by an ever-growing number of world-class software publishers around the world.

Read More
PACE Anti-Piracy Raises the Bar in White-Box Encryption Protection for Bank, PSP, and Payment Scheme Applications

Next-gen ‘White-Box Works’ code generator launches complete with EMVCo Software-Based Mobile Payment security evaluation certificate

1st March 2022 - San Jose, California - Banks, payment service providers (PSPs), schemes, and other financial institutions can now benefit from a uniquely high level of sensitive data protection and application attack resistance, following today’s launch of White-Box Works, a next-generation EMVCo-evaluated White-Box code generator, from PACE Anti-Piracy. 

Unlike traditional solutions, White-Box Works gives the customer complete, independent control over their protected code, ensuring their encryption keys and proprietary algorithms never leave the customer’s premises. White-Box Works can transform any C-code into a protected white-box variant in a single step, offering unparalleled flexibility, security, and efficiency.

This level of in-house control also promises to increase operational efficiency for the customer, since they are no longer beholden to a white-box library vendor’s build schedule and can develop their application in accordance with their internal schedules. It also enables the customer to use, replace and update their deployed encryption keys and algorithms at will, with no need to re-engage PACE Anti-Piracy, or any other third-party vendor, to do so. 

White-Box Works has been designed to defeat a variety of sophisticated attacks, including those involving reverse engineering, fault injection, and advanced statistical analysis (such as Differential Computation Analysis).

White-Box Works outputs code that has been designed to defeat a range of attacks to which many encryption-dependent financial apps remain vulnerable, including, for example, those supporting mobile payments, digital identity, self-service retail, and softPOS use-cases. 

White-Box Works has also achieved an EMVCo Software-Based Mobile Payment (SBMP) security evaluation certificate, following a successful EMVCo SBMP Evaluation conducted by global security lab, Riscure. 

“Statistical Analysis attacks are the bane of all white-box encryption protection solutions,” comments Allen Cronce, CEO of PACE Anti-Piracy, Inc. “We are very proud to be equipping the financial services industry with a solution capable of addressing these and other vulnerabilities. White-Box Works represents a significant step forward in the encryption protection space, and will give banks, PSPs, schemes, and other financial sector users greater confidence in the security of their sensitive data. We’re also delighted to accompany the launch with news of White-Box Works’ EMVCo SBMP evaluation certificate and are grateful to Riscure’s talented penetration testers. The entire Riscure team has been a pleasure to work with throughout the rigorous EMVCo evaluation process.”

“Riscure is proud to have assisted PACE Anti-Piracy in achieving an EMVCo SBMP evaluation certificate for White-Box Works,” adds Maarten Bron, Managing Director of Riscure North America. “This innovative technology provides a unique security capability for solution developers as it supports the creation of white-box instances for any algorithm, allowing for optimal flexibility and developer freedom when the protection of cryptographic keys is vital. This makes White-Box Works not only useful in payments, but also in other fields such as digital rights management, eHealth, IoT, automotive and more.” 

“It's also noteworthy that White-Box Works was evaluated as a stand-alone technology and did not require the additional protection of binary hardening and tamper-proofing technology to receive an EMVCo security evaluation certificate,” adds Allen Cronce. “I believe this is another industry first for White-Box Works. It’s an unmatched achievement we are immensely proud to highlight.”

White-Box Works is available now. For more information, please visit our White-Box Works webpage or contact PACE Anti-Piracy at [email protected]

About PACE Anti-Piracy, Inc.

PACE Anti-Piracy, Inc. is a privately held company based in San Jose, California. Since 1985, PACE has provided software publishers and distributors with high-quality solutions for secure software distribution. PACE products are used by a growing number of world-class software publishers around the world.

www.paceap.com 

About Riscure

Founded in 2001, Riscure is a leading global advisor on the security of connected and IoT devices, as well as a recognized vendor of advanced security testing tools and security training. Riscure helps customers around the world to build robust hardware and software solutions and to speed up the process of secure development and certification. Riscure is the thought leader in Mobile Security and has been the front runner on security analysis of White-box Cryptographic implementations since 2012.
www.riscure.com

Read More
Cloud AAX code signing with CI build systems

Are you using a Continuous Integration (CI) build pipeline that is based in the Cloud and need to code sign your plugins for AAX on a virtual machine?  If so, PACE has the solution for you.  Meet Cloud 2 Cloud.

Cloud 2 Cloud is a new service available for AAX code signing that no longer requires a physical iLok USB device to be attached to the machine that is handling the code signing certification.  Software developers can now achieve the same result - a validated AAX plugin for use in Pro Tools - now without the need for an iLok USB to be attached to the machine completing the code signing process.

With Cloud 2 Cloud, now you can utilize PACE's cloud-based AAX code signing technology into your existing cloud-based build pipeline for seamless, and truly continuous integration between cloud services. 

"Thanks to this tailored-made solution, we are now able to automate the build of AAX plug-ins and integrate the signing process inside Audio Modeling’s Continuous Integration system."

Emanuele Parravicini, CTO, Audio Modeling

To learn more about how Audio Modeling integrated Cloud 2 Cloud with their CI system, click on the link here.

Read More
The Anti-Piracy Solution

Fighting software piracy is an ongoing battle; it means lost revenue, marketshare , and your reputation as a publisher could be at stake.

Unauthorized copying and distribution accounted for $2.4 billion in lost revenue in the United States alone in the 1990s,** and is assumed to be causing impact on revenues in the music and the game industry, leading to the proposal of stricter copyright laws such as PIPA and the DMCA. Everyone knows that illegally sharing software is wrong, yet it still happens every day. Lowering the barrier to entry by removing copy protection, or moving to a flimsy, online pay wall model has been proven ineffective at preserving software integrity. Our research has shown that a hacker’s intentions are difficult to predict. Sometimes, they wish to crack very expensive software to deliver it to the masses; other times, they crack software for sport and recognition amongst their peers. This makes anti piracy protection an important factor to consider if your goal is to make money. Not only do hackers offer product for free but they often abuse copyrights as well.

Another point to consider is how an anti piracy solution can protect your companies brand, perhaps your greatest asset. Good anti piracy software protects your executable inside and out and makes your product tamperproof. Our research has also shown us that global hackers are not as concerned about giving away your software for free, but rather they see your success as a vehicle to steal precious and sensitive information from your audience. By reverse engineering and inserting malware, hackers can gain access to your customers’ data and computers. If you have not adopted stringent anti piracy software protection practices, experienced hackers can quickly and easily infiltrate your distributions and ruin your company’s reputation. With open communication readily available in social media, it is even more imperative, as your potential customers will run from your product offering if they feel they cannot trust it.

Hackers are relentless. Their community is large and they are becoming more and more brazen with their attacks and frequency. They communicate with each other and will even crowdsource their efforts to take a software title down. They hate anti piracy protection and may often engage in a smear campaign to make software publishers believe that an anti piracy solution will hurt their bottom line. Common arguments are that the anti piracy copy protection scheme is cumbersome and a hassle for the end user. Sadly, many publishers believe this when in fact, we have the data to prove the contrary.

You would be mistaken to think that an anti piracy solution is a one-time cost, a set it and forget it investment. We have seen good, strong, expensive anti piracy software from our competitors hacked within days of being posted. Sadly, in some cases protected software lasts only hours in the wild. How do you combat this threat? Will any anti piracy solution work for your needs? We can help you with this fight. We have anti piracy solutions that are proven to be effective in protecting your company’s revenue stream.

Before we delve into discussing anti piracy software, we would like to give you a glimpse into how vulnerable you could be.

How do they do it?

Most anti piracy software protection schemes rely on license checks to validate ownership. A license check validates the ownership and allows your software to run. Remove the license and the software will cease to work. A seasoned hacker can easily spot simple license checks and remove the checks without degrading the functionality of the software.

Of course, as anti piracy solutions become stronger, the tools hackers write and use adapt, thereby escalating this war. Mid-size to smaller companies, who lack the financial resources to sink into a homegrown anti piracy solution, don’t stand much of a chance, and some have sadly resigned themselves that their product will be hacked as soon as it’s released.

Enter PACE Anti Piracy Inc. to fight this battle for you. We have a proven track record of over 30 years developing solutions to stay ahead of attacks on our customers: You, the publisher. Until recently, our most secure method of storing a license was on a proprietary USB iLok dongle. After some technological breakthroughs and years of development, our license servers are secure enough to deliver cloud licensing at an affordable cost AND be secure enough for us to brand with the iLok name.

How do we combat this?

Anti-Piracy Security Software

PACE Anti-Piracy, Inc has been in this business for over 30 years. We have seen it all and yet we are surprised at the tenacity, level of sophistication, and for lack of a better term, talent of the hacker community to quickly and methodically dismantle a publisher’s hard work and release it on a torrent site. The only way to combat these threats is to understand the motivations and methods used. We constantly monitor hacker boards and communications to understand their challenges. We look for methods that prove to be difficult for them to break. We also employ a team of reformed hackers to challenge our product offerings before they are released to our publishers. We use tested cryptography and have vast experience with anti-tamper and white box technologies. We test our anti piracy software against the most brilliant minds in the industry and we are only satisfied when they have to admit defeat.

We know it sounds like an unrealistic boast to say our anti piracy software cannot be cracked. Our goal is to stay ahead of the curve and hacking trends. We avoid giving known hooks or patterns that they recognize, and we pepper our anti piracy solutions with methods that we know are time consuming and difficult, if not impossible, to remove. We are constantly innovating and investing in the future.

The PACE Anti-Piracy, Inc. Solution

We are constantly asked by new publishers how long it will take to implement. To answer that, we must take many factors into consideration. We like to describe the amount of protection our anti piracy software solution provides as a dial that can be turned from 1 to 10. One being a deterrent to abuse; 10 being robust protection for valuable IP.

There are myriad reasons why a publisher would chose a particular anti piracy setting, it usually comes down to time available and effort required. Our solution is flexible enough to accommodate your needs.

How Much Anti Piracy Security Am I Getting?

An anti piracy solution is only part of the puzzle. PACE Anti-Piracy, Inc offers product licensing that works in tandem with the tamper-proof nature of our copy protection. In all of our years in business, our licensing system and hardware dongle have never been hacked. The license the end user purchases is always visible to you with our PACE Central portal and can accommodate many licensing scenarios from a full perpetual license to a limited trial or a renewing subscription, just to name a few. We offer reasonable license distribution solutions.

Please contact us to set up a discussion; we would love to understand your requirements and what you need to get to market.

Publishers looking for sales information about the iLok licensing system, software security, or anti-piracy may follow this link: http://go.paceap.com/proaudio.

**Greg Short, Comment, Combatting Software Piracy: Can Felony Penalties for Copyright Infringement Curtail the Copying of Computer Software?, 10 Santa Clara Computer & High Tech. L.J. 221 (1994). Available at: http://digitalcommons.law.scu.edu/chtlj/vol10/iss1/7

Read More
iLok USB-C Announced

PRESS RELEASE – PACE ANTI-PIRACY, INC. - iLok USB-C Announced - Offering Professionals Even More Options To Keep Licenses Safe

FOR IMMEDIATE RELEASE

PACE Anti-Piracy, Inc. have today announced the USB-C version of the third generation iLok USB.

In addition to the iLok USB-A, PACE is now offering the iLok USB-C which uses the USB Type-C connector. Both iLok devices hold up to 1,500 authorizations—3x more than before—and deliver twice the transfer speed of the second generation iLok USB. Plus, it’s sleeker, smaller, and more secure, with a full metal jacket (made from durable aluminum) that won’t split or crack from normal use.

The iLok USB is fully backward compatible with previous versions – so all software developed for use with a 2nd generation iLok will continue to work with a 3rd generation iLok USB-A or USB-C. And with the addition of Zero Downtime (ZDT) protection, you will always have access to your licenses if your iLok USB is lost, damaged, or stolen.

Eden 5.0 - PACE Anti Piracy
iLok USB-A (back) & iLok USB-C (front)

Since its release over 20 years ago, the iLok USB hardware device has never been compromised.

The design of the 3rd generation iLok USB-A and USB-C are a huge step up from previous versions. The internal components are ingeniously small, packed into their metal case using methods that make duplication virtually impossible. And fewer components mean fewer points of failure once the device is being used in the field.

Many people asked for a USB-C version of the iLok, and here it is. More computers are entering the market with USB Type-C ports, and our new iLok USB-C allows users with USB-C ports to use our licensing key without the need of additional adapters. Along with our Fusion Anti-Tamper technology, the 3rd generation iLok USB-A and iLok USB-C provide a publisher with the most secure tools in the industry. Period.

Andrew KirkVice President of PACE Anti-Piracy, Inc.

Whether you’re purchasing your first iLok device or want to consolidate licenses from older keys, iLok USB makes it easy to take all of your software authorizations with you, wherever you go.

PRICING:

Standard 3rd generation iLok USB-C pricing (as of April 2021)
All pricing is in US$
MSRP is $59.95

FAQS

How many licenses can the iLok USB-A and USB-C hold?

The 3rd generation iLok USB-A and iLok USB-C can hold up to 1500 licenses depending on the license type. By comparison, the 2nd generation iLok USB can hold up to 500 licenses.

Can I have original iLoks, the iLok USB-A, and iLok USB-C in my account at the same time?

Yes, you can have any combination of iLok USBs in your account at the same time.

Does the new version of the iLok USB work just like the original iLok device?

The 3rd generation iLok USB works the same as the 2nd generation iLok USB. It is also fully backward compatible.

Can I get Zero Downtime protection on a new iLok USB?

Zero Downtime (ZDT) is immediately available for 3rd generation iLok USB-A and iLok USB-C. Theft & Loss Coverage (TLC) may be enabled within the iLok License Manager application on ZDT-covered 2nd & 3rd generation iLoks.

Do I have to buy the new version of the iLok USB?

You do not need to purchase a new iLok USB to continue working. Note that software publishers may set some of their products to require 2nd generation or above iLoks.

Will you still be selling the third generation iLok USB-A?

Yes, 3rd generation iLok devices are now available in both USB-A and USB-C versions.

Why should I buy the new version of the iLok USB-C?

If your computer only has USB Type-C ports, you can use the new iLok USB-C without the need for a USB Type-A to USB Type-C adapter connector.

Can I move licenses from an old iLok device to a new iLok USB-C?

Yes, both the new and original iLok USB function the same.

ABOUT PACE ANTI-PIRACY, INC.

PACE Anti-Piracy, Inc. is a privately-held company based in San Jose, California. Since 1985, PACE has provided software publishers and distributors with high quality solutions for secure software distribution. PACE’s products are used by an ever-growing number of world-class software publishers around the globe. Current and past PACE Customers include AbbeyRoad/EMI, Adobe, Antares (Auto-Tune), Apple Computer, AudioEase, AVID/Digidesign, Brother International, Celemony, Corel, Cycling74, Dolby Laboratories, DTS, Inc., DxO Labs, EastWest Soundsonline, Electronic Arts, Empirical Labs, FontWorks Japan, Follett Corporation, Gobbler, Harman International/Lexicon, InstallShield Software, KORG, Line6, Massenburg DesignWorks, Mark of the Unicorn (MOTU), McDowell Signal Processing (McDSP), Morisawa and Company, Nemetchek America, Network Associates/ Netscout, Neural DSP, Nikon, Notionmusic, Philips, Sanyo, Slate Digital, Softube, Sonic Solutions, SSL, Sonivox, Sonnox Plugins, SoundToys, Unity3D, Universal Audio, US Cost, UVI, Verance, Vienna Symphonic Library, Waves, The Walt Disney Company, Write Brothers Inc, plus over 300 Pro Audio software companies.

PRESS CONTACT:

email: [email protected]
web: www.paceap.com and iLok.com
Media graphics can be downloaded here

Read More
Announcing White-Box Works

PACE Anti-Piracy Announces White-Box Works, a Next-Generation White-Box Code Generator to Secure Cryptographic Keys and Data Against Discovery

FOR IMMEDIATE RELEASE

PACE Anti-Piracy, Inc. a leader in in-app protection technologies today announces the release of White-Box Works—a next-generation white-box code generator. This new in-app protection tool is a groundbreaking approach to white-box technology. Its unique industry-leading architecture adds new dimensions of security to protect cryptographic secrets against the most advanced discovery attacks.

Overview

White-Box Works is a white-box code generator, not simply a library of protected cryptographic operations. With White-Box Works software developers can generate or update an unlimited number of unique white-box implementations on-demand, keeping your team nimble and your bottom line safe from unexpected support bills. With White-box Works, updating your app no longer means updating your development budget.

White-Box Works includes many enhancements vs. previous generations of white-box products.

  1. Advanced proprietary architecture translates into resistance to the latest cryptographic attacks
  2. Algorithm agnostic
  3. Support for non-deterministic algorithms

The use of cryptography has grown significantly in recent years, and it’s increasingly common for applications to leverage cryptography. As encouraging as this might be, many developers have a false impression about what the use of cryptography in their application actually means in terms of security.

When an application encrypts data and sends it to a third party (that has a key to decrypt it), the data is protected in transit, but nothing is protecting the encrypt/decrypt operations themselves. If an attacker gains access to either device (a bank app running on a mobile device for example) they can easily extract an unencrypted copy of the key at the instance at which the key is decrypted.

Depending on how the application manages keys, this may allow the attacker to decrypt all past and future data sent by the application and possibly even all data sent by all users of the application. The result of such an attack is not simply a single compromised app, but potential intellectual property loss, DRM class breaks, back-end systems compromise, risk of costly GDPR and CCPA regulatory action, as well as damage to the App developer’s reputation and brand.

White-Box Works is an unmatched in-app protection tool to address this problem.

In cryptographic implementations transformed by White-Box Works, private keys, content keys and license store keys, trusted constants such as public keys, and proprietary algorithms are all executed within the boundaries of the White-Box and are never visible in a decrypted state in the static application or in runtime memory. White-Box Works was designed to defeat reverse engineering attacks and advanced statistical analysis attacks (like Differential Computation Analysis).

White-Box Works is a new, unique solution for adding white-box cryptography to applications. It provides unmatched protection for cryptographic keys vs. legacy solutions and is more flexible without compromising ease of use or performance.

Availability

White-Box Works is available today to software publishers as an option when updating their products.

Statement from PACE's CEO

Allen Cronce, CEO of PACE Anti-Piracy, Inc. states: “As app developers move more and more software logic to client side implementations, there is a pressing need to harden security related code against attacks. Financial services, identity, contact tracing, biotech and automotive apps are particularly vulnerable given their architectures.” With White-Box Works, PACE meets this need by providing comprehensive multi-layered security for keys and data.

About PACE Anti-Piracy, Inc.

PACE Anti-Piracy, Inc. is a privately held company based in San Jose, California. Since 1985, PACE has provided software publishers and distributors with high-quality solutions for secure software distribution. PACE products are used by a growing number of world-class software publishers around the world.

For more information, please visit https://www.paceap.com/software-white-box_cryptography.html

Contact: [email protected]

Read More
Compatibility with Apple Notarization

PACE ANTI-PIRACY, INC. ANNOUNCES SUPPORT FOR APPLE NOTARIZATION REQUIRED IN MacOS CATALINA

FOR IMMEDIATE RELEASE

October 14, 2019, San Jose, California.

PACE Anti-Piracy, Inc., a leading License Management and Application Protection platform, today announces compatibility with Apple Notarization.

Apple Notarization was initially announced at WWDC 2018 as an extension to the Developer ID program, where developers submit their apps to Apple for review. The program, as announced at WWDC 2018, was optional.

In April 2019, an update to Apple’s notarization support documentation  advised "Beginning in macOS 10.14.5, all new or updated kernel extensions and all software from developers new to distributing with Developer ID must be notarized in order to run." While the process changed to force new developers to notarize, the notice also points out everyone else developing macOS software will have to do so eventually, as "In a future version of macOS, notarization will be required by default for all software." 

In September 2019, Apple updated app publishers again. https://developer.apple.com/news/?id=09032019a “As a reminder, Mac software distributed outside the Mac App Store must be notarized by Apple in order to run on macOS Catalina.”

About Notarization

Gatekeeper Dialog

Notarization gives users more confidence that the Developer ID-signed software you distribute has been checked by Apple for malicious components. Notarization is not App Review. The Apple notary service is an automated system that scans your software for malicious content, checks for code-signing issues, and returns the results to you quickly. If there are no issues, the notary service generates a “ticket” for you to “staple” to your software; the notary service also publishes that ticket online where Gatekeeper can find it.

When the user first installs or runs your software, the presence of a ticket (either online or attached to the executable) tells Gatekeeper that Apple notarized the software. Gatekeeper then places descriptive information in the initial launch dialog to help the user make an informed choice about whether to launch the app.

Impact on PACE Anti-Piracy Eden Tools Users

Fast forward to today. With the October 1, 2019 release of Eden tools 5.1.0, PACE has added generalized support for Apple Notarization from within our tools. “To support our customers, we worked closely with Apple to get out ahead of Apple’s Notarization feature”, says Allen Cronce, CEO of PACE Anti-Piracy.

If your company hasn’t updated its licensing and application protection systems in the last few years, Apple is giving you yet another compelling reason to revamp those antiquated solutions. Now is a great time to adopt a new platform and work with a partner that’s committed to staying ahead of Apple ecosystem changes.

PACE has been providing licensing and application protection solutions to Apple application developers since 1985. We have the technology and experience to make transitioning to a modern, streamlined licensing and application protection solution painless and the cost of our technology is likely no more than your company is already investing in your current solution.

To learn more and get a demo today, please contact us.


https://appleinsider.com/articles/19/04/09/apple-amping-up-requirements-for-app-notarization-starting-in-macos-10145

https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution

https://developer.apple.com/news/?id=09032019a

Read More
Support for 64-bit Apple Applications

PACE ANTI-PIRACY, INC. REAFFIRMS SUPPORT FOR 64-BIT APPLE APPLICATIONS

FOR IMMEDIATE RELEASE

September 10, 2019, San Jose, California.

PACE Anti-Piracy, Inc., a leading License Management and Application Protection platform, today reaffirms their commitment to compatibility with 64-bit Mac applications.

Apple first warned developers in 2017 that updates to macOS after High Sierra would not run 32-bit apps ‘without compromise’. 64-bit has been required for both app submissions and app updates to the Mac App Store since January 1, 2018. To notify users of the upcoming changes, an alert dialogue in macOS was added in early 2018.

App is not optimaixed for your Mac. Warning dialog

Fast forward to today. With the public beta of the next major version of macOS, macOS Catalina now here, it's no surprise that Apple is dropping support for 32-bit apps.

Why is Apple dropping support for 32-bit apps in macOS Catalina?

Here's what Apple has to say on the subject:

“A State-of-the-art technology is what makes a Mac a Mac. All modern Macs include powerful 64-bit processors, and macOS runs advanced 64-bit apps, which can access dramatically more memory and enable faster system performance. The technologies that define today's Mac experience—such as Metal graphics acceleration—work only with 64-bit apps. To ensure that the apps you purchase are as advanced as the Mac you run them on, all future Mac software will eventually be required to be 64-bit.

Apple began the transition to 64-bit hardware and software technology for Mac over a decade ago, and is working with developers to transition their apps to 64-bit.”

So where does that leave software companies that have delayed releasing 64-bit Mac applications because their legacy licensing system is not 64-bit compatible? Well, the short answer is scrambling for a modern alternative to dongle-based licensing systems that were designed in the last century. Based on the inquiries we have received to-date, in addition to the soon to be retired DevMate licensing system, we are led to believe that many popular licensing systems, including the Thalas Gemalto Sentinel product, are not 64-bit compatible.

If your company hasn’t updated its licensing and application protection systems in the last few years, Apple is now giving you a compelling reason to request the budget to revamp those antiquated solutions. It’s not a secret that many of the best-known legacy licensing solutions suffer from well-understood security cracks, are at best keeping honest people honest, and are often just creating headaches for you, your staff, and your customers. Now is a great time to finally adopt a more modern solution.

Please contact us. PACE has been providing licensing and application protection solutions to Apple application developers since 2010, we have the technology and experience to make transitioning to a modern streamlined licensing and application protection solution painless, and the cost of our technology is likely no more than your company is already investing in your current solution.

Contact: [email protected]

About PACE Anti-Piracy, Inc.

PACE Anti-Piracy, Inc. is a privately held company based in San Jose, California. Since 1985, PACE has provided software publishers and distributors with high-quality solutions for secure software distribution. PACE products are used by a growing number of world-class software publishers around the world.


Sources

“32-bit app compatibility with macOS High Sierra 10.13.4 and later” https://support.apple.com/en-gb/HT208436

“macOS Catalina Is Dropping Support for 32-Bit Apps: How to Check Which Mac Apps Will Stop Working”, 4 July 2019 https://gadgets.ndtv.com/apps/features/macos-catalina-32-bit-apps-support-stop-work-how-to-check-2063627

Important Announcement DevMate end of life https://announcement.devmate.com/

Read More
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram