How active streaming protection can ensure service security

secure football new
As operators migrate their service to an IP environment new challenges arise. Tim Pearson recently spoke to IABM TV to explain these challenges, and the unique approach NAGRA has developed to help operators overcome them.

As operators extend or migrate their service to an IP environment new challenges arise. Unlike traditional linear TV, the network and endpoint devices are not controlled by the operator, opening them up to new threats and challenges.

Tim Pearson, Senior Director, Product Marketing at NAGRA recently spoke to IABM TV to explain these challenges, and the unique approach NAGRA has developed to help operators overcome them.

What are the main security challenges facing service providers who want to launch or extend OTT and D2C offerings?

The biggest challenge facing service providers and content owners with D2C offerings stems from today’s landscape. Very different from a more traditional service delivery model, the migration to an IP environment is creating a mounting list of security challenges.

Whereas operators previously had an effective line of sight to the set-top box at the end of their network – all of which they could relatively easily manage – this migration to IP means the content goes through more of a maze, with the route to delivery less known. As a result, more threats can appear, there are more security challenges, which in turn opens up a significant number of new challenges that may have been unknown previously.

How can service providers move from protecting content to protecting their entire service? What’s wrong with using existing DRMs?

Existing DRMs can and will continue to protect content. However, that only provides the content protection aspect of the security makeup. An IP distribution model has significantly more surface area than we would have seen in a more traditional broadcast environment. The result is that, as the content journeys through that maze of delivery, there is a greater potential for security threats and pirates along the way.

Whilst content protection mechanisms, such as DRM, will secure the content on the end device, it is liable to be intercepted along the way. Operators therefore require a comprehensive security strategy, such as secure clients, mitigating threats, good intelligence, and what to do in a legal environment, to ensure that that IP capability is protecting the service as well as the content. NAGRA’s approach is a proposition we call active streaming protection.

What are some of the different tools within Active Streaming Protection providers can use to protect their services?

Active Streaming Protection is an approach that NAGRA has identified to help operators embrace the OTT world, particularly as more extend into D2C services. Within the toolset of active streaming protection secure clients are certainly important, but it depends on the operator’s content catalogue to identify the next level of protection they want to add to address new threats.

If, for example, an operator has premium sport or the content owners are mandating the use of watermarking technology, there is a suite of NexGuard forensic watermarking solutions available to fit their specific requirements. Another operator may be facing challenges from pirates, or believe they are facing a threat of piracy. NAGRA Anti-Piracy Services will show where those threats are coming from, the type of the threat, and the proposed protective and mitigative actions to take.

Active streaming protection is not just about defence though. The offence – delivering the additional business value – deploys a series of business logic tools to identify what solution will work best for both the consumer and operator, for example considering the number of devices per account or the level of concurrency.

All of these solutions are bound with and feed into an overall analytics solution that is pulling in all the data from the different tools that are being deployed, enabling operators to gain a holistic view across their service to understand its status effectively. Combined, all of these tools can form the overall security strategy, helping operators to understand how they can secure the entire service in a pragmatic way that will mitigate the threats to the offering.

Has the framework been deployed with any operators?

We’re seeing a great reaction to our active streaming protection approach with our customers and the wider market. Many like the straightforward way in which it provides them with a clear strategy to protect their service and how the approach means it can be tailored directly to their needs.

Since September 2019 we have been working with Wynk, a subsidiary of Bharti Airtel, India’s largest integrated telecoms company, to secure its Airtel Xstream app as it expands. To date, over 1.5 billion multi-DRM licenses have been served via the NAGRA cloud.SSP to manage concurrent sessions, device authentication, forensic watermarking, anti-piracy services and other important aspects of the service – all key elements of the active streaming protection toolset.

This milestone also marks a record number of multi-DRM licenses served by NAGRA cloud.SSP, and is a clear demonstration of how the right solutions can help reduce complexity, seamlessly scale, react to the needs of consumers and connect consumers to the content they love on any device – and in a highly secure environment.

We’re also working with an entertainment provider in the USA and a sports league in Europe, with more to be announced soon.

If the service changes or grows, what options are available to service providers in order to stay protected?

That’s the beauty of active streaming protection. The approach allows us to turn on new technologies for the operator as the service grows. Starting with multi-DRM or watermarking as a baseline, you can start adding new capabilities as required. Crucially, this means that we can unlock and enable new technologies for operators as their business needs it.

From a value perspective, active streaming protection means operators don’t necessarily need to make a massive upfront investment in technology then wait for it or a threat to appear. Instead, they can invest as and when they need to, meaning that service protection can grow in line with the service itself.

It’s clear there are many different threats to a service. How do operators know which threats to prioritise?

No two services are exactly alike. Each has their own architecture, business model and threats as a result. To help them identify those most pressing threats we also have a model called RADAR. Against different axes, we can plot the level of protection vs. the level of threat that an operator is facing today. Working with the operator, we can then identify where there are some potential vulnerabilities in their current service security. Then, working in concert with our active streaming protection approach, we can help operators combat the most pressing threats now and prepare them for those likely to emerge in the future.

Contact us to find out more about how NAGRA’s active streaming protection approach can help you protect your service.