How to protect my software

Almost nothing you can do about it. Although the source doesn’t get packaged with the product, people can repurpose it.

You can encrypt the PAK file, but somebody determined can break that using the engine source. You can avoid that problem by changing the source, but is it really worth it.


I’ve recently finished a project. The software is intended for internal use in the company. When distributing the packaged project, is it possible to reach the source code from that package? Or is that already protected?
For example if somebody from a different company got their hands on a copy and wanted to change the logo’s so it would be their company’s logo, is there a way to prevent that? Or is such protection already built in?


Hi ClockworkOcean,

We tried the encryption settings inside the project settings. However, we have the feeling it doesn’t actually work. It’s supposed to encrypt all and the .ini file is updated but looking at the total file size and performance, after packaging, nothing has changed. Nobody seems to know much about the encryption option inside the engine. I would expect more game devs to also prevent their game from being reverse engineerd (or at least discourage attempts doing so), but we don’t really know how.
We’ve posted another thread in the past about these encryption settings, but didn’t get any response:

Have you used the encryption in the project settings before and do you have any documentation on how to use it?

To be clear, encrypting the PAK will not make any difference to people pirating your game. That’s because your EXE will open the PAK. The only thing encrypting the PAK achieves, is to stop people stealing the assets in there.

So, even if you do encrypt, once you put the game on steam ( or wherever ), it will be on a torrent within 24 hrs. Steam has an option to ‘obfuscate’ the EXE, this also can be circumvented by an automatic process. It will, however, stop people just copying the game to their mates PC.

To your questions, I think UNREALPAK.EXE will tell you if the PAK is encrypted or not. I agree, the docs on packaging in general are sorely lacking. I haven’t used encryption, for the reasons stated above.

You can come up with some sort of bespoke solution, such as checking in with Steam ( or some other server ) on startup. Checking with Steam doesn’t help much, as people can run a fake server on their machine.

In the end, the only thing that really keeps people using the legit version is engagement. Again, with Steam as en example, this would be something like achievements. Also updating the game and offering additional content and patches etc.

I see people streaming pirate copies of my game and cursing various aspects of it, but they are running V1.0. What do they expect? Everything they are complaining about was fixed a long time ago. If they want that sort of gaming experience, it’s up to them.

Hope that helps.

1 Like

Hi ClockworkOcean,

thanks a lot for your elaborate answer.

As a university, we create applications for our students which we will distribute to them directly, outside the Steam process and free-of-charge. However, we are still discussing the best way for distribution as we still want to have some control on our intellectual property and prevent others from tampering with our application. Our main concern is that we don’t want people to reverse engineer our application or at least not make it too easy to do so.

It’s true that registered users should be rewarded e.g. receive patches while others (pirate copies) may not. We are also looking at the patch and distribution process in that respect.

If you are not looking to distribute via Steam, you might want to look at a License Manager such as ours (but there are plenty of other vendors out there). We do have a C+±based wrapper, and are currently revamping our plugin for UE so your use-case should apply quite nicely.