Online video content is incredibly popular nowadays due to its convenience and variety, but not everyone is willing to pay a monthly subscription fee for this service. Since many of them opt to get access to premium content via illegal services instead, the video entertainment industry has become a profitable game for pirates.
While there are many ways pirates steal content, key extraction is one of the biggest headaches encountered by this industry. Are you curious how this trick is implemented and how it undermines the streaming service provider’s business? Explore in our article!
Most streaming service providers rely on a technique known as Digital Rights Management (DRM) to ensure paying consumers can view only the content they subscribed to and in the regions where the provider controls the rights. This helps to encrypt their copyrighted and premium content in order to stop pirates from freely distributing it.
In short, the DRM framework is designed to protect the keys used to encrypt the content from being exposed, even to the user. The client-side server receives a header file with only the metadata regarding the encryption scheme. The metadata is then delivered to the Content Decryption Module (CDM) – placed in the user’s device – to retrieve the keys from the license server. After which the client is provided with a license (including the decryption keys), that the CDM will use to unlock the content and enable the user to watch their premium selection.
The DRM offers different levels of content protection depending on whether it uses hardware security or an isolated – and secure – Operating System (OS). The former provides the highest level of protection, since cryptography and media processing operations occur inside a Trusted Execution Environment (TEE). With the latter, the protection is reliant on the software DRM being embedded into the OS without a TEE to run the encryption, making the device prone to hacking and breaches.
For that reason, many devices in use today that lack hardware DRM protection and rely solely on their OS protection are more vulnerable to cyber attacks, including content key extraction.
How do pirates operate with content key exploitation? (click to enlarge)
In the above diagram, the process of content key exploitation is explored in full, including how the pirates interact with the operator’s infrastructure. To summarize, with access to vulnerable devices, pirates can easily bypass the CDM and extract the content keys using decryption tools widely available online. The keys are then publicly shared on any pirate site. As a result, any Internet user can access premium video content without paying a subscription fee to the service provider.
With content encryption keys in hand, pirates can now deliver illegal services with all your premium content freely accessible. It leads to a huge loss in revenue and increased Content Delivery Network (CDN) costs for your services.
However, addressing this issue is still a difficult challenge and can end up causing service providers more harm than good if not handled properly. A ‘blanket approach,’ like revoking compromised devices from accessing video content to combat piracy, would be highly impactful both to their legitimate subscribers and the service provider. Millions of authorized subscribers could see their service cut off, generating customer frustration and flooding call centers with complaints, potentially resulting in churn and tarnishing the service provider’s reputation.
Luckily, yes!
To avoid the reputational and operational impact of a blanket approach, a protective solution is needed to enable service providers to deal with piracy directly, instead of relying on the device’s OS software DRM to secure the content on vulnerable devices.
With Irdeto ActiveCloak for Media (ACM), the content decryption bypasses the device’s OS software DRM, taking place inside the video application itself instead. Unlike proprietary DRM-based solutions in the market, ACM works with any DRM server vendor, eliminating costly custom integrations. Its renewable security provides increased agility, deploying quickly and responding efficiently to piracy attacks. It protects against pervasive threats to software security, including reverse engineering, software tampering, copying/cloning and automated attacks, while safely encrypting and decrypting data and communications.
Contact us to learn more about our ACM and how it can help you protect your content!
Streaming content on pirated websites has become easy. But as an OTT provider, it's not great news for you. How can you protect your content?
As routers become more advanced and take a greater role in delivering advanced services, they also become an even more attractive target for bad...
Provide your customers with an automated, safer and smoother Electric Vehicle (EV) charging experience - with Plug and Charge!