Discussion earlier with about 70 comments if anyone wants to read them.
This is my comment from that thread:
Probably the best solution would be to switch to recurring in-app subscription to the online service. This is I think easier to verify and harder to pirate and should align the revenues with the costs (avoiding getting nice sales up front and not being able to sustain the servers in 18 months time).
Some hacks might work if they don't want to go down this route like issuing an update that contacts the server for a unique ID on first run and treating those that don't update quickly as suspicious - request them to email the iTunes receipt or something.
How quickly is regarded as suspicious could be worked out by looking for when there is a divergence between installs (and unique ID requests) and the daily update totals the app store provides. Duplicated IDs should be easy to detect it they access the service later.