It could work like license keys for software before the internet. In this case it could be made a bit better if tied to a hardware identifier and verification could be done in hardware based on some unique id thing.
The problem then of course is that how much of the actual functionality goes through that "protection module"? They can put some hardened super secure module but if it just connects into the main functionality via a 1/0 wire, then the bypass will just be to cut that wire and install a fix there. (I've seen that in software as well, fancy shamncy public key license check followed by a simple "if not verified, then disable feature" check in main code).
I think the important part here is the legal protection. Sure they know people will bypass it. But they also know that they can no go after some (larger companies) if they need to and sue them because now the law is in their side.
The problem then of course is that how much of the actual functionality goes through that "protection module"? They can put some hardened super secure module but if it just connects into the main functionality via a 1/0 wire, then the bypass will just be to cut that wire and install a fix there. (I've seen that in software as well, fancy shamncy public key license check followed by a simple "if not verified, then disable feature" check in main code).
I think the important part here is the legal protection. Sure they know people will bypass it. But they also know that they can no go after some (larger companies) if they need to and sue them because now the law is in their side.