Denuvo Anti-Tamper is the current de-facto standard for securing DRM schemes on modern titles. Since its original release back in 2014, it has been used to strengthen the DRM of over 150 titles; some with great success, others less so. At its core, it uses various obfuscation techniques, such as unique hardware-based code paths, virtualization, and more, to make tampering with the account-based DRM protection of a game (e.g. Epic Games Launcher, Microsoft Store, Origin, Steam, or Uplay) harder in an attempt to delay piracy. It is embedded in the executable of the game, and only stores licensing data (the "offline token" used to launch the game) separately on the storage drive. This licensing data is typically a couple of kilobytes in size, and is (re)created when the system environment changes enough to necessitate a new token.
Windlands 1 and 2 activation code offline
A consequence of its use of unique hardware-based code paths, Denuvo Anti-Tamper requires an online connection periodically as the system environment of the operating system changes with new hardware and/or Windows updates. While everything that might invalidate the token stored on the storage drive is not fully known, this happens frequently enough for the anti-tamper protection to be described as requiring a periodic online connection every fortnight or so. This is generally not an issue or hindrance for those with an always present online connection, but can be an annoyance for people primarily using roaming data. Players gaming offline for a long period of time can also suffer if proper preparations are not made in advance to ensure the validity of the offline token. The lack of transparency on storefronts regarding this process from Denuvo Anti-Tamper is a hindrance for potential purchasers, as it means people might not be aware of its presence and periodic online requirement before purchasing a game that, after purchase, the purchaser may find unplayable when an online connection is unavailable.
If the online connection fails the user will get a manual "offline" activation option where they can make use of a secondary online connected device to retrieve the corresponding response code, an option not available for either Origin, Uplay, or possibly other supported platforms either. The availability of this second option means a local token generator is theoretically possible for a fully offline procedure, as was confirmed in 2017 with the release of an unofficial offline token generator for Dishonored 2.[42]
The online component relies solely on standardized HTTPS communications and a simple web API, and fully respects and makes use of system-wide proxy configuration and internet settings. Basically the client (the game executable) sends the locally generated request code in the body of a HTTP request message to the online server using the POST method, and receives the appropriate response code back in the body of the response message. This single exchange (one sent request, one received response) is all that is needed for the anti-tamper component of the game executable to generate the appropriate offline token for the system.
2ff7e9595c