Trial Activation Abuse?Solved

I have noted a potential problem with trial activation. I'm using the No-click verified trials and I've seen a large number of activations (8) from the same IP address (200.109.49.194) all within several minutes of each other today. I saw something similar about a week ago and it appears their have been similar situations at other times. Is this a common problem that I should expect? I cannot really tell why it would be happening and was looking for some additional information that you might have on if these are legit activations (Perhaps a group all using the program in a training ?).Thanks for any feeback.

IP address is not a good indicator of anything. We don't use it for any internal use (it's not useful for anything).

The most likely case is that there are multiple customers behind the same IP address. (Very likely) This is a common occurrence in corporations and other organizations (e.g. schools).

Shoot me an email at wyatt@wyday.com with some trial IDs of the verified trials you think are abuse and we'll look into them. (You can get the trial ids from clicking the "view details" link and copying that URL)

We need to make it clearer on the verified trials list so it's easier see exactly what is going on.

Hi Wyatt,

I tried to get some trial IDs, but not sure what I'm doing wrong because I do not see trial ID. When I go to the Verified Trials page I see the Trials with an OS Version, IP address, Extra Data, and Trial Expires Date. To the far right I see a "Details" that I click. The Details show the following information:

Trial days left: Total trial length:Trial created:Trial expires:Device informationOperating system: Extra data:IP address:Rough location:

I've tried this using Chrome and Safari and get the same results (on the road right now and don't have access to a windows machine). Still I wouldn't think it a browser issue. Am I missing something?

Thanks for helping with this.

Regards,

Jim

Hey Jim,

The trial ID is in the URL itself. You can just copy and paste a handful of URLs and we'll take a look at them.

Hi Wyatt,I got a similar problem today for regular (non-trial) activations.I sent you an email with details.

Wyatt,

Here are a few of the URLs:

[Snip]

Hope this is what you wanted. A related question - I have had a customer who keeps asserting they are having a problem with activating. I suspect they might be activating multiple different systems (which they deny) coincidentally located at the same place as all the trials above occurred. Is there a way to check the activation record to see if it is the same machine being activated or is that guaranteed if a separate activation is created (I allowed 3 activations and 3 were created).

Regards,

Jim

, edited

Hey Jim,

>> "Here are a few of the URLs:"

We'll look into it. It looks like the activation data is corrupt, likely from an over-clocked CPU, are other end-user craziness. But we'll dig into it to confirm whether or not it's a bug in TurboActivate.

>> " - I have had a customer who keeps asserting they are having a problem with activating. I suspect they might be activating multiple different systems (which they deny) coincidentally located at the same place as all the trials above occurred. Is there a way to check the activation record to see if it is the same machine being activated or is that guaranteed if a separate activation is created (I allowed 3 activations and 3 were created)."

Shoot us an email with the product key and we'll take a look. Also, what versions of TurboActivate are you using? If it's not the latest version, then do that first before continuing.

Hi Wyatt,

I've sent the information requested. I thought I'd also post some other "questionable" URLs that seem to come from the same location but at an earlier date - perhaps they will help in your evaluation.

[Snip]

Regards,

Jim

, edited
Answer

We've fixed this issue server-side last night (meaning bad fingerprints get rejected out-right). Today we've released TurboActivate 4.0.9.6 which fixes this issue client-side. You can get the latest version here: https://wyday.com/limelm/api/

In the near future we're going to remove all bad fingerprints from the servers (and trials associated with those bad fingerprints), just to un-muddy the waters.

I'm truly sorry about the bug.