It is important for streaming services to ensure that their assets are protected and don't fall into the hands of illegal re-streamers or on Torrent websites. With the global COVID-19 pandemic, there is a rise in video viewership and correspondingly, an increase in the number of attacks on video streaming services and in video piracy.
Piracy denotes a loss in income for creators when content is stolen. This is especially true for TVOD operators whose monetization strategy depends on users purchasing tickets for a streaming event. If a pirate manages to download the video and streams or re-streams it illegally, then it amounts to lost sales, or revenue for AVOD and SVOD operators.
Additionally, when streams are stolen and illegally streamed, it results in resource consumption costs (CDN, packaging, etc.) without any returns - either in terms of subscriptions, ticket sales, or ads.
When content providers make losses on video streaming, there is a ripple effect on the industry which can be traced back to the crews producing the movies - the entire production chain is impacted by the actions of a few!
So, how do you, as a video streaming provider, protect your content and ensure that everyone involved in the production and delivery process is fairly compensated.
There are two important pieces of technology that can be used in this process - DRM and Watermarking. Though they work differently, they have the same purpose - preventing video piracy and tracking down those involved in it.
In this article, let's take a look at these two technologies and learn how to use them effectively to combat video piracy.
What is DRM or Digital Rights Management?
Digital rights management (DRM) is a technology that is employed to protect streaming and downloadable video content. In addition to protecting your video content, DRM also enables content distributors to decide who can access the content, when, from where, for how long, and on which device(s).
DRM is implemented with the use of encryption and decryption (typically, AES-128) to prevent unauthorized access to video content at any point in the process. A video is encrypted using a key that is stored securely with a DRM platform typically operated as a SaaS offering. Each time a DRM-protected video needs to be played, the video distributor triggers a DRM license key which is sent to the end-user’s device for decryption and playback.
At this point, the DRM platform’s licensing API evaluates the request to check if it is coming from an authentic source or not. The licensing API checks if it is formed properly and does it contain the proper license rights inside the request for the flavor of DRM being used. Once the license request is successful, the licensing API returns the license key with the rights embedded inside. This enables the player to decrypt the video and play it back to the end-user while enforcing the distributors’ rights.
For more details on how DRM works, check out our white paper that walks you through the basics and advanced concepts of DRM here.
Popular DRM technologies include Apple Fairplay, Google Widevine, and Microsoft PlayReady. To use these technologies, typically, you would contact a DRM vendor who would be certified to provide these technologies. And, more often than not, you would end up using more than one DRM to serve all the devices that your customers can use to access your content - this is called multi-DRM.
What is Digital or Video Watermarking?
Digital Watermarking is a tool in content protection and traceability that makes it easy to track who, where, and when the movie was leaked in the event of piracy.
There are different types of watermarking and a couple of popular ones are
- Watermarking by embedding an imperceptible code in the stream. This is done on the server side and is done in such a way that the code cannot be removed by any image processing or re-encoding techniques.
- Client-side watermarking where the client basically applies a watermark (mostly invisible) onto the video stream and then plays it back. This is usually in conjunction with additional technology to protect the app that is going to apply the watermark and its associated keys/secrets.
- Serving a unique stream to every subscriber (session-based watermarking or A/B watermarking).
- In session-based watermarking, each video streaming session is unique as it delivers a different version of the video segments to every subscriber, creating a fingerprint..
- Two sets of each asset are created (called A & B), that are identical to the human eye but, in reality, they are different!
- Depending on the subscriber ID, the chunks are delivered based on a predetermined pattern. E.g., ABAABBAAA ...
- Thus, every subscriber receives a slightly different version of the movie - visually, the movie is the same, but a dedicated piece of software can discern the pattern easily.
Thus, when a movie is leaked, forensic investigators can examine the pattern of the segments and determine which subscriber ID was used to leak the movie.
DRM + Watermarking for Secure Assets
Now that we have an understanding of DRM and Digital Watermarking, we can consider using both technologies for protecting our assets and preventing digital pirates from illegally downloading and streaming our technology.
As we mentioned earlier, DRM technologies also allow you to specify rules that govern when, where, and who has access to your digital content. You can for example set rules that
- Block access to people from certain countries (geo-blocking).
- Block playback of high-bitrates and high-resolutions in devices that can only support the weakest form of protection (i.e., no hardware-level DRM).
- Set a time period during which the content can be accessed - this is very common for content providers that offer movie rentals.
- Prevent screen-casting.
- And much more!
In addition to the use of DRM, it is also recommended to use Digital Watermarking technologies to find out the offending streamer - the one who illegally downloaded the stream by possibly circumventing the DRM protection.
There are a couple of ways to watermark content and one is to embed an imperceptible code into the content that only the player can detect to verify and confirm who is streaming the content. The code is so designed to be irremovable and impervious to attacks such as resizing, scaling, re-encoding.
But the problem here is that if you want to identify the video delivered to every single subscriber uniquely, you need to create multiple copies of the content with a different code in each one of them. This is expensive to do in terms of storage and processing costs.
An alternative is to use Session-based watermarking that we looked at earlier in this article. The advantage of this option is that every streamer receives a stream unique to their subscriber ID in the system. So, no two streamers receive the same set of segments and this makes it possible to analyze the pirated movie to try and identify who illegally downloaded the stream!
Thus, with a combination of DRM, business and license rules, and session-based watermarking, your streaming service stands a great chance at preventing piracy and ensuring that your business rightfully can make money for the services you provide!