I'm not sure if this is where I need to be asking this question, but here it is. My company is preparing to release a software program in the format of PIN cards (similar to phone cards). Each card will have a PIN on it under a scratch panel. The PIN can then be used to download the software program from our website.
I need to figure out what to do about theft prevention. I know with the phone cards, the PIN doesn't work until it is scanned at the register. How would I get this setup? Do I need to setup a "special" database or something?
How will I know if the card has been scanned at the register? Will the POS submit it to a database?
AFAIK the codes are submitted online to the phone company. The exact setup depends on the POS system; probably the POS terminals just submit it to their local POS Server, which then has to be configured to act accordingly (e.g. add new Entry to a license database, that has to be queried by your software to check the activation).
There also needs to be a way to handle refunds (scratch panel intact).
Related
We provide a subscription to our app.
Are there any standard technics to prevent users from duplicate installations in different devices?
In app payment requires that you let a user restore his purchases on a different device. I'm not aware of a standard way to verify that the previous devices content was removed.
If you're asking about just copying the files then there's storage encryption which you can read about here. Notice that it is breakable if someone tries.
You can collect device information from each device and then just compare if the new device is trying to install the app with the same account as in another device.
I started working for a company in the field service industry. We have a program and client database build in Access. As of right now, they are scheduling their service calls in a notebook. I am trying to get this company into this era by having a web-based scheduling software.
I have basic schooling networking but I am not a programmer nor do I know Access. I have learned how to split the database and create a multi-user environment and converted it to accdb from mdb to work with Access 2013 instead of 2003 in which it was written. These steps have greatly helped but I am not sure where to go from here.
My next step is the scheduling software but the company's greatest concern is the protection of their client database. Not from outside hackers but there is always a concern of employees selling our client list to our competitors. Also, at this time, employees do not have web access for this reason, which they will need.
Is there any way to keep the accdb file from being sent via email etc. or copied to external media? If I set up permissions through the OS, won't that make the client files uneditable (for lack of a better word) in Access? Like address/tele # changes or notes? I'm not even sure what to even search for help.
Thank in advance for your time
I understand that Access 2013 can be installed on a Server 2008 R2 or 2012 server. Put a password on the database. That should keep hackers out, and as far as keeping employees out of the data that they shoudn't be in, I know the navigation bar can be hidden, but it is unfortunately able to be viewed again by the F11 key. It would've been nice if MS could have made the navigation bar ability an easy option (yes or no), and make it modifyable in VBA....They may have. Keeping users out of raw data is something I have yet to figure out too....
I'm a novice at this stuff, but I was able to write code, and a login screen of my own so that users can have their own login ID, and a password (or phrase), and enable them to change their own password if they forget it, or if they just just to change it. You can make the navigation bar disappear by the VBA code: DoCmd.LockNavigationPane True...but unfortunately F11 can re-enable it.
Hope this helps....
I am going to develop an application which will periodically query against an database and display the most updated scheduler/queue information for their product process.
My initial thought is that a gadget could do that, as the main function is to display information, and that information should be readily available most of the time without user intervention. But it seems that Microsoft discontinued gadget from a little bit reading. Should I worry about that and using winform NotifyIcon instead? It just occur to me that something like gadget is more simple and probably more user friendly due to its simplicity?
Or are there any other options I am not aware of? It will be a simple application to simplify business process, and I think it is safe to assume that the machine will be Windows 7.
I'd focus on the current desktop. Since your current target is Windows 7, I wouldn't worry too much about it. It seems quite unlikely that businesses would switch to Windows 8 en masse.
Besides, for Windows 8, you'd presumably want to make some kind of Metro app instead.
I am looking at writing a silverlight app that I plan to use OOB setting to enable use on both PC and mac.
I have been doing a little investagation on the isolationstoragefile and what I understand is it will work for both pc and mac without a problem.....Is that correct?
The application I am building is going to be a business application that will submit details back to the main database if there is an available connection. If not then I want to store the information locally until there is an available connection.
My question is lets say I have 3 user accounts using the same machine. Can I have the isolationfile stored in the same place? or must it be under the user profile?
I don't want to have orphaned records which I could see happening if the data is stored on each user's profile.
Any advise would be great!
I understand is it will work for both pc and mac without a problem.
That is correct. You don't need to worry about the mechanics of how it is persisted to disk.
I have 3 user accounts using the same machine. Can I have the isolationfile stored in the same place? or must it be under the user profile?
IS is located under the user profile. In a full trust (elevated) OOB app you may be able to store files elsewhere on the file system by using the FileSystemObject or by using some COM interop, but there is no guarantee that you can get to that file again (NOTE: i haven't played with saving files external to IS, so may be wrong/misinformed on this). If you can whack files out to anywhere on the file system you should be very careful doing it - what if you are running on a Mac?
I don't want to have orphaned records which I could see happening if the data is stored on each user's profile.
If you mean data may be stored locally because of no connection, then that user logs off and never logs back in again to that machine so their data never syncs to the server, then yes that is a possibility. Having a service monitoring for saved data files would be ideal, but you can't do that under SL. To completely eliminate that issue may take a change in your product, like writing it as a WPF client instead of SL.
I am designing a Point-Of-Sale system for a small shop. The shop just have one Point-Of-Sale but often they are one to three users (sellers) in the shop. Each user have their own user account in the system so they login and logout very often. How should I design the login/logout system in a good way?
For the moment the users don't use passwords, because it takes so long time to type the password each time they login.
The Platform is Windows Vista but I would like to support Windows 7 too. We use Active Directory on the Network. The system is developed in Java/Swing for the moment, but I'm thinking about to change to C#.NET/WPF.
I am thinking about an SmartCard solution, but I don't know if that fits my situation. It would be more secure (which I like) but I don't know if it will be easy to implement and smooth to use, i.e. can I have the POS-system running in the background or started very quickly when the users switch? Are SmartCard solutions very expensive? (My customers are small shops) Is it preferred to use .NET or Java in a SmartCard solution?
What other solutions do I have other than passwords/no passwords/smartcards?
How should I design the login/logout system in a good way?
Is there any good solution using SmartCards for this purpose?
I would like suggested solutions both for C#.NET/WPF and Java/Swing platforms.
I would like suggested solutions both for Active Directory solutions and solutions that only use one user profile in Windows.
How is this problem solved in similar products? I have only seen password-solutions, but they are clumsy.
An interesting solution is to use "Fast User Switching", i.e. the capability to have multiple user sessions open on the same PC. The POS software could be launched through the Startup folder of each seller account and would stay active in each seller session.
I thought that being in a domain (i.e. using Active Directory) disables Fast User Switching, but according to The old new thing, this was true on XP only. I just checked with my Win7 machine at work: it is in a domain but still has the "switch user" menu item.
The main advantage is that if your software is already multi-user aware, you don't need to change it.
I should have made the Fast User Switching check before writing what is below, because this seems to be the simplest solution. Here are other ideas, anyway.
Another solution is what you mention of having a single Windows user but several "virtual users" that your application manages. A smart card is a good way to implement a pseudo-login. In C++, the API allows detecting the removal or insertion of a card, so the application could detect this and read the card after insertion to know who's currently in front of the computer. .NET can easily call this API through P/Invoke; I don't know much of Java, except that JNI could be a solution to call the native API if there is no managed library that publishes this capability.
What should be done is researching the different types of card and how to talk to them, as your app should use a card that does not require a PIN to be accessed (or you are back to the slow login system, except if tying a 4-digit number is not considered too slow).
I've seen restaurants where waiters insert a key into the cash register in order to be identified. I googled "cash registers" but could only find a complete solution package, rather than the components like a key reader.
An almost idiotic question is: how much security do you need ? Does it make sense to have big buttons on the first screen of the app, where people click in order to tell the system who they are ? When they are done, they click on a "Finish" button and the app goes back to the "identify" screen. I've put this at the end because it is so simplistic that it has a low probability of being useful.
I'm not familiar with a broad range of smart card provider solutions, but I know Gemalto has a .Net friendly setup. Most others are geared to Java, but support is widening.
With regards to switching user sessions and your application, it depends on how "heavy" your application is. If your app requires quite a bit of start-up time / resources then you might consider creating the basic application as a service on the machine which can run in the background continuously and then you can load a light-weight UI to interact with the service with each user session (maybe launch via Startup menu).
There is a C# project on CodeProject which provides a framework for interacting with smart card services in windows - might be interesting reading.
I had a chance to work with the Open Source Computer Vision library (OpenCV)
in one of my past projects and its "Face-Recognition" is what you're after. It is written using native code, but can be easily used with Java, .NET, Android, iOS. All you need is a webcam and a button "Switch User" with the onClickListener that will take a picture and compare it with the images of your employees. Advantage? Once the picture's taken, it gets processed in less than 10ms. And as Timores mentioned earlier, once the face is recognised, you simply switch the session. Simple yet effective solution. Good luck!
maybe you want to think about using barcode scanner... probably you already have this device on POS ... my software for bars and restaurants use barcode scanner to recognize users. You have 2 options for using: first, user must log in with own barcode card, then he can use the application ... the second is better, everyone can use application, but to print the receipt user must use barcode card. After then he is responsible for that amount on this receipt.