Typically, a multi-tier licensing system has a corporate run entity management device along with a customer premise entity device which ultimately issues licenses to client devices. Since these devices are at the customer site, there is an enhanced risk that a nefarious person might try and change entitlements in the license or licenses which have been purchased, e.g. by adding more licenses, changing the license content, or adding more client devices to licenses. Accordingly, there is a need for better security on for license entitlement grants.