To Help Protect Resellers and Customers, Microsoft Takes Action against Sale of Counterfeit Certificate of Authenticity Labels

REDMOND, Wash., Nov. 30, 2004 — If a person were to randomly select four computers or standalone components from around the United States, nearly one in four — 22 percent — would contain counterfeit software. If a person did the same in other parts of the world, more than a third — 36 percent — would contain illegally acquired or copied versions of software, according to a study released by the Business Software Alliance, an organization that represents the commercial software industry and hardware partners, and IDC.

Bonnie MacNaughton, Senior Attorney, Law & Corporate Affairs Group, Microsoft

Microsoft has strived for years to reduce the prevalence of counterfeit software, employing a combination of novel technology safeguards, education and enforcement of its intellectual property rights and those of other software makers.

The company’s latest anti-counterfeiting campaign uses a similar approach to crack down on the use of counterfeit or “standalone” Certificate of Authenticity (COA) labels — one of the newest methods employed by unscrupulous software resellers to deceive people and businesses into buying phony Microsoft software.

To learn more about this anti-piracy campaign, PressPass met up with Bonnie MacNaughton , a senior attorney in Microsoft’s Law and Corporate Affairs group, and David June , the director of Development and Business Relations for Northwest Computer, a Microsoft software reseller based in Bellingham, Wash. June sits on the Microsoft Partner Advisory Council, a 15-member board that represents about 20,000 system builders around the U.S. and provides input on Microsoft’s efforts to support its partners in the software sales and distribution channel.

PressPass: What is Microsoft announcing today?

MacNaughton: We are announcing the first results of a new, ongoing campaign aimed at cracking down on one of the ways consumers and businesses are tricked into buying counterfeit or illegal Microsoft software. Namely, we are taking action against computer resellers who use counterfeit, or misuse legitimate, Certificate of Authenticity (COA) labels — the labels attached to every PC with legitimate Microsoft software or the packaging of legitimate standalone software.

We have spent the past few months determining the extent of the problem, identifying individuals and businesses at the heart of it and trying to educate them about the proper use of COAs. And, beginning today, we are taking legal action against some of the most egregious offenders.

PressPass: Can you tell us more about COA labels and the role they play?

MacNaughton: COA labels are a tool we introduced to help our customers determine if they have purchased genuine Microsoft software and components. They are rectangular-shaped I.D. tags that are adhered to the exterior of the computer chassis by hardware manufacturers and system builders as a visual identifier that assists in determining whether Microsoft software and components are genuine. They also are prominently featured on the packaging of genuine full-packaged software products.

You can think of COAs as the software’s fingerprint — or something similar to a car’s vehicle identification number. Each COA label is unique, and includes a product-activation key or other type of unique code that corresponds to the individual piece of software it was created to accompany and authenticate.

Just as you can’t legally swap license plates on your car with your neighbor, COA labels can’t be switched between different pieces of software. Nor can they be traded or sold separately. They are worthless if they are paired with any piece of software other than the particular one that they were created for. And any Microsoft software without a COA or with a mismatched COA is incomplete — and often is counterfeit.

PressPass: So why does software need a “license plate?”

MacNaughton: Unfortunately, counterfeit software has become so pervasive that our customers need a way to know they are getting everything they paid for and nothing they didn’t. In other words, they need to know they are receiving all of the necessary software components, software upgrades and technical support that come with legitimate software — and not getting the damaging code or viruses that can be found in counterfeit products.

Just as importantly, 96 percent of Microsoft software is sold by our partners around the world. When used properly, COAs allow our partners to prove to their customers that they are delivering what they are distributing.

David June, Director of Development & Business Relations, Northwest Computer

June: COA labels are not only necessary; they are vital. Counterfeiting can no longer be viewed as an `innocent’ crime committed by individuals who share copies of their favorite software or CDs with a few friends. It’s a multi-billion-dollar, illicit, worldwide industry that pumps money into organized crime and countries with lax intellectual property laws. It also drains resources and jobs from countries where the rule of law and moral business practices are enforced. Not only do legitimate businesses lose sales; counterfeiters undermine the value of products and the companies that create and sell them.

PressPass: How effective have COA labels been at reducing software counterfeiting?

MacNaughton: Obviously, COA labels haven’t solved the problem. The Business Software Alliance has determined that more than a third of all of the software in use in the world today is counterfeit. And much of that is Microsoft software.

But we’re beginning to see indications that COA labels and Microsoft’s other efforts to crack down on counterfeiting are at the very least making it harder to sell phony Microsoft software. As more and more of our customers have begun to look for COA labels, counterfeiters have been forced to dedicate significant time and resources to creating bogus COA labels. Also, dishonest software resellers — including some whom we’ve filed suit against today — are trying to make counterfeit or inappropriately installed software look legitimate by pairing it with bogus COAs.

PressPass: What led Microsoft to crack down on the use of counterfeit or misused COAs?

MacNaughton: Every time I attend a conference or meeting with computer resellers, I hear one thing over and over again: They want a level playing field. They tell us they can’t compete with resellers who can undercut them by selling software with bogus COAs at a significantly lower price. They feel like they are being punished because they are playing by the rules.

June: I’m one of those who have complained. When Bonnie told me and the other members of Microsoft’s Partner Advisory Council about Microsoft’s plans to crack down on bogus COAs, there was applause throughout the room.

Counterfeit or misused COAs are a real threat to businesses like mine that don’t misuse COAs or try to trick our customers into thinking they’re getting a legit product when they aren’t.

When resellers or other counterfeiters misuse COAs, they aren’t just taking revenues from Microsoft. They are taking revenues from businesses like mine. We aren’t a multinational corporation. We’re an operation in a small city in the northwest corner of Washington state. We rely on legitimate software sales to pay the salaries of our employees. These employees are my neighbors. In the case of other resellers, these employees are your neighbors.

PressPass: How successful were Microsoft’s attempts to educate the resellers and system builders that you recently found selling counterfeit or misused COAs?

MacNaughton: Many of those we contacted appear to have changed their ways. But with those who haven’t, we are beginning to take legal action. We are doing so to better protect our customers and begin to level the playing field for software resellers who do business ethically. Today, we filed lawsuits against eight computer system builders and distributors who — despite our repeated attempts to get them to change their ways — continued to do business in counterfeit COAs.

We try to never to sue people who operate within Microsoft’s software-distribution channel. We want to convert them to legitimate resellers and system builders. We give them information and notification. We only file lawsuits when they have been given every chance, and they still refuse to comply.

June: Microsoft bends over backwards to get these resellers to change their ways. I’m not sure I’d be so generous. How crazy do you think these people are to risk getting sued by Microsoft? Or how much money do you think they are making — and are unwilling to give up — without a fight?

PressPass: How pervasive have counterfeit COAs become?

June: Every day, I receive as many as 20 offers via e-mail to buy counterfeit Microsoft software or COAs. I forward them every morning to Microsoft’s legal department. Our business also comes across plenty of systems that have counterfeit software or software without COAs. The people or businesses that own these systems always act surprised when we tell them, but most know or suspect that the software is illegal.

Once we notice illegal software, we encourage them to replace it with legitimate software. If they don’t, we stop work because we can’t offer support on these systems. We don’t know if they’ve got the full version of the software or if the software they’re using is made for another market.

PressPass: Apart from COA labels and the current enforcement efforts, what other ways has Microsoft attempted to crack down on counterfeit software?

MacNaughton: One of the most significant ways we try to reduce the use of counterfeit software is to increase the value of legitimate Microsoft software. But we’ve also introduced new protections such as the activation code that we introduced with the Microsoft Windows XP operating system. Users must enter a unique code supplied with each legitimate version of new software in order to make it begin operating. We also load our software on Edge-to-Edge Hologram CDs to make it easier to identify genuine Microsoft software. These CDs feature a three-dimensional holographic image over the entire surface of the CD. This holographic image is part of the CD itself, not a sticker, and counterfeiters have had a very difficult time trying to copy them.

PressPass: Can you be more specific about what consumers and businesses lose when they have counterfeit software or software with a bogus COA?

MacNaughton: For one, they lose piece of mind. As David said, people don’t know if they have a full version of the software or if the software contains viruses or other malicious components. They also aren’t eligible to receive technical support through Microsoft that they may need to resolve any problems they experience with their software. In addition to our online support, Microsoft offers advanced technical support by phone that is available only to customers who can demonstrate they own a legitimate product.

Consumers or businesses whose software doesn’t include a genuine COA also miss out on many of the upgrades and special deals we offer. Programs like Windows Genuine Advantage offer no-charge Photo Story 3 software, MSN Zone games, list-builder service and Chinese date and time service to customers who can demonstrate they own a legitimate, licensed version of Windows XP. More than 800,000 people around the world have signed up for the opt-in pilot program since it was introduced in mid-September.

PressPass: What about security or other vital upgrades?

MacNaughton: No, we draw the line there. While we hope programs like Windows Genuine Advantage will help convince people to use legitimate Microsoft software, we don’t prevent people with counterfeit software or COAs from receiving security or other important updates, such as Windows XP SP2. We offer these upgrades to everyone because we don’t want unprotected versions of Microsoft software — legitimate or not — to be vulnerable to potentially damaging online attacks — or spread viruses to others.

PressPass: How did Microsoft determine the extent of the problem with bogus COAs?

MacNaughton: We’ve been aware for some time of labels made by counterfeiters in Asia who have developed sophisticated systems to create COAs that look similar to those we use.

As part of the current campaign, we looked online and in stores to see what we could find. We ended up buying hundreds of individual COA labels that were being illegally sold separate from software, as well as computer systems with COA labels attached. We then investigated each to determine whether the labels were legitimate.

PressPass: Are all of the bogus COAs made by these counterfeiters?

MacNaughton: No, they aren’t. We were surprised to learn over the past few months that a vast majority of the bogus COAs aren’t counterfeit. We discovered that they are actual COA labels taken from one piece of software and paired with another.

Some of the resellers we investigated are trying to market the software and COAs separately to make additional money. Others are purchasing multiple pieces of software, copying one on multiple machines and selling the additional COAs to resellers who want to make their software appear legitimate.

PressPass: How can consumers and businesses recognize counterfeit or misused legitimate COAs?

MacNaughton: We offer the How to Tell Web site ( ) to help people determine if their software is legitimate. This includes information on how to tell if a COA label is real or bogus.

For example, with standalone software, the COA label is affixed on top of the packaging. The right side of the label should contain a transparent circle — a transparent porthole — with paper fibers around the inside edge and a metallic thread. The word “GENUINE” should be visible on the thread. The background surrounding the porthole should contain the words “RETAIL COA” in blue letters on a white background, displayed in a distorted curve.

An easy way to check the authenticity of this type of COA is to gently rip the edge of the label. The thread is interwoven into the fibers of legitimate labels, not printed on top.

PressPass: How can people determine if they have software with a legitimate but improperly matched COA or another form of counterfeit software?

MacNaughton: If a person is running Windows XP or Windows Server 2003, he or she can visit the Windows Validation Assistant tool on the How to Tell Web site on The assistant can scan your software’s product key to help you determine whether your computer’s operating system is genuine.

But the easiest way for people to help protect themselves is to be choosy about where they acquire their software and apply common sense when they get it. If the price a reseller or other business offers is too good to be true, it probably is. Just as we all know not to buy anything from a stranger who’s selling questionable products from the back of their van, people shouldn’t buy software from unfamiliar Web sites or stores who undercut the prices offered by every other retailer. We maintain a list of authorized Microsoft distributors that people can check if they want to ensure a seller is reputable.

PressPass: What should people do if they discover they have counterfeit software?

MacNaughton: We ask people to check with the company that sold them their software to see if they will replace it with a legitimate product. Or if people prefer, they can report the reseller to us via e-mail ( [email protected] ), phone (1-800-RU-LEGIT) or online ( ).

We investigate every lead we receive, and send out educational letters to companies that appear to be selling unauthorized software. In some cases, we buy some of their products and test them. If we find evidence that they are distributing Microsoft software in an unauthorized way, we send out a cease-and-desist letter and, as a last resort, take legal action — much like we have with the COA investigation program.

PressPass: Do you expect more software companies to begin using COA labels?

MacNaughton: The success of other anti-counterfeiting tools that we’ve introduced in recent years has convinced other software companies to follow our lead. A prime example is the software makers who have already begun to use product activation technology. I wouldn’t be surprised if more software companies begin using COA labels, especially if they begin to experience anywhere near the amount of counterfeiting that Microsoft does.

PressPass: Will the COA crackdown be over when the lawsuits are resolved?

MacNaughton: No, these suits are part of an ongoing effort. We plan to keeping buying systems and looking for standalone COAs — and taking legal action, if necessary. If we can gradually make the playing field a little more level for our resellers, we’re going to do our best to make sure it stays that way.

Related Posts