Optimizing Security to Deliver the Best Content on Every Screen

Author: Marc Rochat , Principal Customer Architect
(Extract from our latest white paper “Optimizing Multiscreen TV Delivery with a Secure Video Player”)

Pay-TV service providers typically seek to license the best available Hollywood and live TV content, which implies high protection requirements as rights holders are wary of piracy and its impact on the business model of the entire content value chain. In this context, optimizing content security, and particularly DRM use, is key to success. Our latest post explores the different aspects service providers need to look at in implementing a multiscreen content security in order to deliver the best content on every screen.

Approved DRM Products and Robust Client Implementations
Delivering HD content to high-resolution screens including tablets, PCs, and game consoles requires the use of various pieces of technology to maximize content security. This includes advanced content protection technology based on DECE and DTLA studio-approved DRM products, as well as sophisticated software techniques such as whitebox cryptography,
secure video paths, sunrise key change, output control, software obfuscation and hardening, and – when available – Hardware Root of Trust to ensure the proper client implementation of the DRM module and the overall security of the client platform.

In the browser environment, the World Wide Web Consortium (W3C) has worked at defining a secure architecture for implementing DRMs using either the native HTML5 Embedded Media Extension (EME) or through secured plug-ins.

DRM Vendor Choice
With EME and CENC, content can be encrypted once at the head-end and multiple DRM servers can be used to
generate licenses for specific DRM clients. However, the DRM implementation carried out by browser vendors
such as Google has tended to be restrictive for service providers: only one DRM is natively supported. Thus they
are implicitly forced to use a proprietary consumer device DRM such as Google Widevine. Fortunately, newer generation browser plug-in frameworks such as Chrome PPAPI – that include auto-update capabilities – can also be used, thereby avoiding a total dependency on a single DRM vendor; this is the approach that NAGRA has taken. However, some less widely deployed devices, such as the Microsoft Xbox games console, support only PlayReady, without allowing the option of implementing another DRM product.

As a result, service providers find themselves forced into relationships with multiple DRM vendors, one for each vendor-controlled platform on which they want their content to play out. This has three major implications :

  • It increases the complexity and costs of content rights negotiations;
  • Some content may not get the same rights, or face a different liability on different platforms ;
  • Service providers are left with little control over the way that the DRM products evolve on a given platform.

Optimizing this increasingly complex environment is a key requirement.

Support for Multi-Usage Scenarios
Another important issue concerns content-usage rules. For Hollywood studios and other rights holders, the rights to view content on a small screen are worth significantly less than those for viewing the same content in HD on a large flat-panel display. Preventing users from casting content without authorization has become a big concern in rights negotiations. A secure player solution that can manage this requirement and ensure that content is played out on the intended screens as laid down in the negotiated contract (with secure reporting back to the content rights owners) offers significant value to service providers.

Other rules for distributing and sharing content – usually managed by the DRM system head-end and implemented in a secure-player client – can be defined by content type or by device. They need to be securely transported to the device, which means that rooted device and jailbreak detection is also required to ensure that the usage rules are not tampered with.

To learn more about multiscreen content security and choosing the right DRM, download our latest white paper “Optimizing Multiscreen TV Delivery with a Secure Video Player” and contact us at to see how we can help.