I am working on a registration system for a desktop app. Before, I only had in-app validation where the user name and email address were tied to the key and only verified when typed into the program.
I am working to set up a new system where the registration information is stored in an online database and when the user registers the database checks to see if they have a license available to register.
My question is ... do I still need to check the registration information in the app or can I solely depend on the internet verification?
I understand that the user will need an internet connection to register, that isn't a problem.
The pros of an internet-only registration are that I don't have to come up with a complicated scheme to tie together the name, email, and key inside of the application. Rather, I can simply generate a random token and use that as the registration key that will be validated over the internet.
Think about it: The security of your application still depends very much on what you implement in your desktop application. If you generate a random key and store it in a database on your server, the application still needs to have a way to check it and enable/disable features, based on the registration status (I'm assuming you are aiming for some licensing scheme here).
If this check is done in a very simple way, it might be easy to thwart, thus enabling a user to provide the application with fake registration data, for example by using a proxy.
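Added example, not part of the original answer: one way to keep a proxy from handing the application fake registration data is for the server to sign each activation reply and for the app to verify it against an embedded public key, shown here beside a check that simply trusts the reply. The `Response` fields, the payload format and all function names are assumptions, and the key pair, token and nonces are constructed sample values (a real client would pick a fresh random nonce per request).

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Response is a hypothetical activation reply; field names are assumptions.
type Response struct {
	Token, Nonce string // key the client submitted; fresh per-request value
	Licensed     bool
	Sig          []byte // Ed25519 signature made by the licensing server
}

// payload is the exact byte string signed and verified; length prefixes keep fields unambiguous.
func payload(token, nonce string, licensed bool) []byte {
	return []byte(fmt.Sprintf("v1|%d:%s|%d:%s|%t", len(token), token, len(nonce), nonce, licensed))
}

// Sign runs on the server only; the private key never ships with the app.
func Sign(priv ed25519.PrivateKey, token, nonce string, licensed bool) Response {
	return Response{token, nonce, licensed, ed25519.Sign(priv, payload(token, nonce, licensed))}
}

// NaiveCheck trusts whatever arrived over the wire.
func NaiveCheck(r Response) bool { return r.Licensed }

// VerifiedCheck accepts only a reply signed for this token and this nonce.
func VerifiedCheck(pub ed25519.PublicKey, r Response, token, nonce string) bool {
	if r.Token != token || r.Nonce != nonce {
		return false // reply for another key, or a replayed older reply
	}
	return r.Licensed && ed25519.Verify(pub, payload(r.Token, r.Nonce, r.Licensed), r.Sig)
}

// Demo returns verdicts for an altered denial (naive, verified), a genuine grant, a replayed grant.
func Demo() (naive, verified, genuine, replayed bool) {
	pub, priv, err := ed25519.GenerateKey(nil) // constructed demo key pair; nil means crypto/rand
	if err != nil {
		panic(err)
	}
	token := "DEMO-TOKEN-0001" // constructed sample registration key
	altered := Sign(priv, token, "nonce-2", false)
	altered.Licensed = true // flag changed in transit, so the signature no longer matches
	grant := Sign(priv, token, "nonce-1", true)
	return NaiveCheck(altered), VerifiedCheck(pub, altered, token, "nonce-2"),
		VerifiedCheck(pub, grant, token, "nonce-1"), VerifiedCheck(pub, grant, token, "nonce-2")
}

func main() { fmt.Println(Demo()) }
```

The signature protects the reply in transit only; how the application stores and re-checks the result afterwards still has to be designed on the desktop side.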