Internet delivered video services present content providers and operators with promising new revenue opportunities, but implementation and maintenance of these services adds increased complexity and significant costs in the short-term. Security for these services also has to the growing range of consumer electronics and mobile devices that are the dominant ways of accessing media content.
The over-the-top (OTT) video landscape today is muddied by an overall trend towards apps rather than browsers for accessing content, simply because tablets and smartphones have clearly been established as the second screen of choice for long-form and live contentviewing. Operators have embraced the app model for their branded services because apps put them fully in the driving seat of content access, discovery and also security.
Even as HTML5 matures, the browser interface shows signs of becoming a battlefield of competing technology interests that will complicate rather than simplify service profiles. Google is being particularly aggressive in this respect by advancing their own technology agenda across Android devices, Chrome browser instances and even the YouTube services that compete with other operator’s offerings. This is complicating the task of reaching all target platforms for OTT content delivery, at a time when rate of deployment is accelerating.
As consumers demand support for more devices to access their preferred OTT services, and will continue to refine their criteria for what constitutes a premium quality of experience. They will want increasingly transparent access to all service content and many cross device features, such as favorites and preferences, without intrusive username/password roadblocks. In the face of such demands, operators themselves will want to focus on innovative solutions and demand from their technology partners more operational simplicity—including a single point of integration for subscription management and service security.
A Path Forward: What Operators Need
With the idea of just one DRM long abandoned, operators are now seeking a more coherent implementation model - a single rights management system to simplify OTT service deployment and insulate them against changes in underlying content security technology implementations. The quest is for a common way of expressing rights in a standard format that can then be translated for implementation of actual consumption constraints against whatever DRM is running on the end user’s device.
The ability to serve any target device and deliver over any network, fixed or mobile, is becoming essential. An OTT ecosystem incorporating robust revenue protection security should therefore work across multiple delivery networks, operating system platforms, and client device security implementations.
The differences between each type of client implementation must be transparent to operators and the harmonization mechanisms incorporated into their head-end architectures. The expression of business rules required by content licenses and consumer service propositions must be consistently applied, and correctly interpreted in the technical manner in which rights are actually enforced on the end device.
OTT security must be demonstrably strong in order to convince premium rights holders that their assets can safely be delivered over the open Internet to unmanaged devices. It must therefore include the advanced protection technologies found in managed IPTV and DVB pay-TV systems, but with additional features specific to the OTT domain. These include optimization for adaptive service delivery, full asset entitlement checks before decryption keys are delivered to clients, and support for flexible business models enabling recycling of licenses.
Strong revenue security is essential for premium OTT services, but it must not stand in the way of a good user experience (UX). It has always been a challenge for security to be implemented in a manner that is consistent with the consumer’s understanding of the rights and restrictions that they have been promised when they signed up for the service. But there are a number of extra challenges for multi-device OTT services—most critically, a consistency of behavior between devices. If a consumer bumps up against arbitrary, implementation dependent restrictions on rights across devices, the overall effective is corrosive to the UX and to the overall service value proposition.
Consumer unfriendly security implementations are of course of the things that have given DRMs a bad name in early services. Things that appear to be logical and transparent to those who implement the service may be frustrating and incomprehensible to the user community. This is one issue with security that has been bolted on late in the development stage rather than being incorporated with the user interface during specification.
Outsourcing the Management of Multiple DRMs
Operators want to focus on their core business objectives of acquiring strong content, delivering a top quality user experience and developing revenue through both subscriptions and advertising. Outsourcing the management of multiple DRMs on an OTT service to a “black box provider” will avoid diverting attention from these core activities.
Working with a security specialist will also ensure future-proofing by staying ahead of emerging security and other relevant technologies. Verimatrix offers this black box service through our MultiRights™ branded solution as part of our VCAS security platform, which arbitrates rights management across device types and DRM formats. MultiRights caters to the continuing existence of multiple DRMs, which is essential given that attempts to create a single one-size-fits-all DRM free from royalties have failed. Many devices in any case have embedded legacy DRMs for historical reasons, which at least avoids presenting a single point of attack should the DRM get “broken.”
MultiRights spares operators the need to integrate each of the different device platforms separately. Verimatrix provides a common rights management strategy with intelligence residing in the head-end, recognizing the receiving device, the DRM it has, and what the response should be. It then identifies the keys to use and the underlying cryptography. We create a “super domain” within a unified entitlement system embracing multiple single DRM domains.
As OTT continues to proliferate over the next few years, operators will be challenged to unite multiple networks, platforms and DRMs within a single harmonized rights management system. For more information on how operators can outsource these challenges and increase revenue security, please download our guide on “Making Sense of OTT Revenue Security” at www.verimatrix.com/ottguide