New Study on the Changing Face of Video Content Security October 23, 2012Posted by Bill Rosenblatt in Conditional Access, Services, Video.
Farncombe Technologies, a pay TV technology consultancy based in the UK, has just released a white paper called “The Future of Broadcast Cardless Security.” The white paper incorporates the results of a survey of pay TV operators, content owners, security vendors, and device makers on pay TV security concerns today and in the future.
Operators of pay TV (cable, satellite, and telco-TV) networks have put more money and effort into digital content security than any other type of media distributor, certainly more than any digital music or e-book sellers ever have. That’s because the economic incentives of pay TV operators are aligned with those of content owners such as movie studios and TV networks: operators don’t want their signals stolen, while content owners want to minimize unauthorized use of the content that travels over those signals.
For a long time, the technology used to thwart signal theft was the same as that used to guard against copyright infringement: conditional access (CA). Life was simple when cable companies operated closed networks to dedicated set-top boxes (STBs): the content went from head ends to STBs and nowhere else. In that situation, if you secure the network, you secure the content. But nowadays, two developments threaten this alignment of incentives and thus blow open the question of how pay TV operators will secure content.
First, the model of so-called piracy has changed. Historically, pay TV piracy has meant enabling people to receive operators’ services without paying for them, by doing such things as sharing control words (decryption keys in CA systems) or distributing unauthorized smartcards for STBs. But now, with higher broadband distribution and technologies such as BitTorrent, people can get content that flows over pay TV networks without touching the pay TV network at all.
Second, operators are offering “TV Everywhere” type services that let users view the content on Internet-conneted devices such as PCs, tablets, smartphones, and so on, in addition to through their STBs. They are doing this in response to competition from “over the top” (OTT) services that make video content available over the Internet. Operators have less direct incentive to protect content being distributed to third-party Internet-connected devices than they do to protect it within their own networks.
The Farncombe study predicts the likely effects of these developments (and others) on pay TV security in the years to come. According to the survey results, operators’ primary piracy concerns today are, in order of priority: control word sharing, rebroadcasting their content over the Internet (illegal streaming), and downloads of their content over the Internet (e.g. torrents); but in five years’ time the order of priority is expected to reverse. The threat of bogus smartcard distribution is expected to diminish.
The intent of this whitepaper is to motivate the use of pure software security technology for pay-TV networks, i.e., schemes that don’t use smartcards. So-called cardless security schemes are available from vendors such as Verimatrix, which sponsored the whitepaper. They are cheaper to implement, and they now use software techniques such as whitebox encryption and code diversity that are often considered to be as strong as hardware techniques (for more on this, see my 2011 whitepaper The New Technologies for Pay TV Content Security, available here).
However, the whitepaper also calls for the use of forensic Internet antipiracy techniques instead of — or in addition to — those that (like CA) secure operators’ networks. In other words, if piracy takes place mostly on the Internet instead of on operators’ networks, then antipiracy measures ought to be more cost-effective if they take place on the Internet as well.
The paper advocates the use of techniques such as watermarking, fingerprinting, and other types of Internet traffic monitoring to find pirate services and gather evidence to get them shut down. It calls such techniques “new” although video security companies such as NDS (now Cisco) and Nagravision have been offering them for years, and Irdeto acquired BayTSP a year ago in order to incorporate BayTSP’s well-established forensic techniques into its offerings. A handful of independent forensic antipiracy services exist as well.
This all begs the question: will pay TV operators will continue to put as much effort into content security as they have done until now? Much of pay TV networks’ offerings consist of programming licensed non-exclusively from others. The amount of programming that is licensed exclusively to operators in their geographic markets — such as live major-league sports — is decreasing over time as a proportion of total programming that operators offer.
The answer is, most likely, that operators will continue to want to secure their core networks, if only because such techniques are not mutually exclusive with forensic Internet monitoring or other techniques. Yet operators’ security strategies are likely to change in two ways. First, as the Farncombe whitepaper points out, operators will want security that is more cost-effective — which cardless solutions provide.
Second, network security technologies will have to integrate with DRM and stream encryption technologies used to secure content distributed over operators’ “TV Everywhere” services. The whitepaper doesn’t cover this aspect of it, but for example, Verimatrix can integrate its software CA technology with a couple of DRM systems (Microsoft’s PlayReady and Intertrust’s Marlin) used for Internet content distribution. Licensors of content, especially those that make exclusive deals with operators, will insist on this.
The trouble is that such integrated security is more complex and costs more, not less, than traditional CA — and the costs and complexities will only go up as these services get more sophisticated and flexible. Operators may start to object to these growing costs and complexities when the content doesn’t flow over their networks. On the other hand, those same operators will become increasingly dependent on high-profile exclusive licensing deals to help them retain their audiences in the era of cord-cutting — meaning that content licensors will have a strong hand in dictating content security terms. It will be interesting to see how this dynamic affects video content security in the future as it emerges.