I'm in the process of developing a registration/activation system for my current application in development.

I have some knowledge in PHP and mySQL and I have designed a structure for activation of my software on my companies website.

The user goes to our website to buy the software online. After entering their credit card information our php program gives them a vendor id number.

After installing the software they can click the activate button. In the activate form they are prompted to enter their vendor id and name. They then click next to procede to another screen. On that screen it gives them a product id number that is encrypted based on some hardware on the PC and their vendor ID.

It instructs them to visit our website and enter their name, vendor ID, and product ID. After entering this information they are given a Activation ID.

This activation ID is then entered into the program to activate it.

All aspects are securely encrypted. Does this ID sound secure?

I basically want the program I'm developing to sell itself.