=Spica Shui=

1. Combining API and Envelope
   Most Software License Protection Dongle will come with API (Application protocol interface such as DLLs and Object files), where there are various libraries files provided for software vendors to include protection function calls into their source codes. Envelope is whereby the software vendor can make use of the provided shell program to encrypt their application without the need to modify their source code. The best protection will be Envelope after completed the API protection, a combination of both. 
    
2. Updating Protection
   As the best protection now might no longer secure few years later, it is very important that the software vendors will keep updating their protection more often. The best practice is to change their protection strategy for different versions or product, do not use the same strategy once for all. 
    
3. Object vs DLL Links
   In order to gain higher security, a software vendor should link their applications to the Software License Protection Dongle’s objects instead of DLLs. This is because link by objects will be compiled and integrated as part of the protected application of which will make simulating attacks more difficult. 
    
4. Intelligent use of API Calls
   A smart protection should include multiple API calls with different security function calls from various program points. Protection with more various different API calls will definitely harder to trace than protection with few almost similar API calls. Try to make your API Calls more sophisticate. 
    
5. Dummy API Calls
   One simple ways to make your protection even harder to hack is to include some dummy API Calls, i.e. some API or security checks that will not have any legitimate reaction. Such method will be able to confuse hackers who will need to spend more effort on analyzing such dummy API calls that they will never know this is not the “real” one. 
6. Delay Reaction
   Most software vendors practice direct reaction in their implementation should the API calls found no dongle or invalid return, thus hackers are able to back trace the security checking points and then bypassing it. To make your protection even harder to back trace, perhaps you can delay some of your reactions to confuse the hackers, means if detected no dongle or invalid return then keep a validity flag in your program then at later program point only suspend the program. 
    
7. Manipulate Functionalities
   Many software vendors include standard response such as displaying error message and suspending program should there is no dongle found or invalid return. Another better ways to make hacking harder is to alter the program functionalities should the dongle not found, such as disable printing report features until a valid dongle is attached. Hacker might not realize there is security check point that restricted the program functionalities. 
    
8. Authenticate instead of compare
   Direct comparing value is just too easy to understand, should the dongle product chosen provide possible features to allow software vendors to perform certain authentication such as Checksum after performing predefine security algorithms, use it. Some dongle products provide more advanced security features such as onboard encryption, seed code or random code generation, onboard security algorithms, of which it will maximize protection if we utilize it in the right manner.

Source : http://www.securemetric.com/articles-d.php?id=4