Used software for companies – how secure is the blockchain?
The blockchain is increasingly being discussed in connection with the purchase of used software. It’s intended to make trading in used licences more secure, more transparent and traceable along the whole supply chain. But is the encryption technology as reliable for licences from the secondary market as it is for the exchange of virtual currencies?
In the age of bitcoin and crypto trading, the blockchain is supposed to bring absolute security.
As a provider of used Microsoft and Adobe licences, VENDOSOFT GmbH has also looked into the topic in detail. After all, we want to offer our customers the greatest possible peace of mind. To ensure this, we have put our existing processes to the test.
Can the blockchain process be transferred to used software?
The legality of all purchases made by VENDOSOFT GmbH is checked by our licence specialists. Since our company was set up in 2014, an independent auditor has also verified all transactions. This confirms the legality of the supply chain and the full transfer of rights.
We needed to find out whether this procedure still meets today’s requirements – or whether blockchain should be the new method of choice.
The result is different than the reports in the current media landscape would suggest, where mainly used software dealers who use blockchain documentation as a promotional measure express their views. Critical voices are hard to find. While it is correct that the crypto process could theoretically be used to determine whether software licences are indeed only used by the respective rights holder – as prescribed – and not by several users at the same time, this information is only as reliable as the source feeding it into the blockchain.
That this is the crux of the matter can be seen by the example of a used Microsoft Office 2013 volume licence: at the time of its market launch, the blockchain process was still completely unknown in the used software market. If a software dealer buys the licence now, years later, they check its documentation and history. However, they will not find any cryptographically secured chains for the history of this licence anywhere, quite simply because the blockchain did not previously exist.
That seems logical. Nevertheless, some statements circulating on the market for used computer programs claim the opposite. They suggest that the blockchain guarantees absolute security and seamless information. However, the new technology cannot (yet) achieve this in the environment of used software. This would require an independent certification body that verifies the compliance of the traded licences and enshrines them in what are called smart contracts.
An example of an independent certification body would be an auditor.
This is how VENDOSOFT guarantees the propriety of the traded licences
The effort involved in having all software traded on the secondary market verified by auditors using the blockchain process would be immense and is currently hard to imagine. This is probably one of the reasons why the used software dealers who propagate the blockchain act as certification bodies themselves. At least that’s what you can read on the websites of various providers, where even an expert appointed and sworn by the IHK Cologne is quoted as saying: “A reputable used software dealer is perfectly capable of filling the role of a LOB certification body.” (editor’s note: LOB = licence on blockchain transfer procedure). All this means is that each reseller can themselves define what is written into the blockchain of their used licences!
VENDOSOFT boss Björn Orth sums it up: “If you feed nonsense into the blockchain, then nonsense comes out.” However, laypeople wouldn’t necessarily know that that’s the case.
Until millions of used licences available on the market are actually “blockchain-safe” in the distant future, VENDOSOFT will rely on its tried-and-tested cooperation with auditors, who confirm the seamless documentation and lawful transfer of the licences from the previous owner to VENDOSOFT GmbH and on to the new licencee. Incidentally, we use the same procedures as Microsoft, whose audits are also carried out by auditors.We know from experience that they place greater trust in their own profession than a technology whose content has been defined by a questionable body.