Protect communication between WCF client and service

I have a WCF service with one method:

[OperationContract]
bool VerifyLicense(string clientId开发者_JAVA百科, string license);

This is hosted on a public web server. When called from an app deployed on a client Intranet, it checks whether that client has a current license to continue using the app.

However, presumably it would be quite easy to intercept this and just return true.

What would be the easiest way to protect against this? Would encryption work? Please provide a code sample because I've never used encryption before. I can't make sense of some of the stuff thrown up by Google... certificates, etc. Is there an easier way?

By default, all communications in WCF is a) encrypted, and b) signed, so you should be on the safe side... (you can choose to turn this off - but it's on by default)

Resources:

• Fundamentals of WCF Security
• Practices at a Glance: WCF Security

and in particular
- How to: Enable Message Replay Detection