We are living in a world inundated with digital content today. More businesses are creating and distributing digital content to meet consumers’ growing appetite. In fact, distributing content has become one way for businesses to generate revenue in the long term. According to Statista, the revenue in the Video Streaming (SVoD) segment is projected to reach US$80.83bn in 2022.
But businesses cannot take this opportunity for granted as the risk of piracy, leaks and theft of restricted content are also higher than ever. Take the film industry for example. According to the Motion Picture Association of America, pirated video generates upwards of 230 billion views a year, with 80% of global online piracy due to illegal streaming services.
So if your business depends on distributing digital content to your users, you will need to think about ways to protect this distribution. This is where Digital Rights Management can be effective.
What Is Digital Rights Management?
Digital Rights Management or DRM is the practice of protecting digital content that one owns and restricting access to unauthorized users to prevent issues like plagiarism and piracy.
In many cases, businesses or even individuals may be looking to monetize the digital files and content that they own. But when an unauthorized user gets access to this content, they may instead be able to gain monetary value from it.
In video streaming, DRM ensures that your video content is encrypted and well protected. The encryption and decryption keys are stored and delivered with specialized techniques, which allows you to set your own business rules and make sure that the content will be consumed only by authorized viewers.
A Brief History of Digital Rights Management
The history of digital rights management goes all the way back to the growth of the internet in the 1990s. There have been numerous developments in the evolution of DRM systems and technology over the decades but here are some of the major milestones.
- 1980s: Software Service System (SSS) was developed by Japanese engineer Ryuichi Moriya, and can be thought of as one of the first examples of DRM technology. It was based on encryption, with dedicated hardware for decryption and allowed users to pay the content owners or copyright holders.
- 1990s: The Digital Millennium Copyright Act (DMCA) is passed in the US, criminalizing the development and sharing of technology, devices, or services with the purpose of circumventing DRM tools.
- 2000s: As Apple’s iTunes grows in popularity, it begins to encrypt its songs with a DRM which restricts access from only three computers and allowed no more than ten copies of a single playlist. And since Apple does not license its encryption technology, only users of Apple devices can play music from the iTunes store.
- 2010s: Apple introduced specifications for FairPlay Streaming, which other platforms could use to protect their streaming services. WIth the rise of Spotify and Netflix, audio and video streaming companies began to adopt DRM technology. These platforms allow users to listen to music and watch shows on their browsers and apps, without having to worry about the content being stolen or pirated.
- Today: The streaming market has become more crowded than ever, with Amazon Prime, DisneyPlus, Hulu, HBO Max and many more delivering copyrighted video to consumers, all the while protecting their content using DRM.
How DRM Works
DRMs work by encrypting the content and ensuring that only authorized users with a decryption key can access the content, through a series of steps. In the case of video DRMs, the process involves the content provider, packager, CDN, DRM platform and the player.
Step 1: Encrypt the content
Encryption is the most basic and key step in the whole DRM procedure. After encryption, no one can easily read or pirate video content without a corresponding key. Encryption helps to convert the input data into ciphertext via a “key” and prevents unauthorized users from reading or even pirating the video. It is nearly impossible for anyone to convert the ciphertext into plaintext without the “key”.
A commonly used encryption algorithm is AES–Advanced Encryption Standard. This is a symmetric-key algorithm, which means that the key for encryption and decryption are the same. Using the same key brings high efficiency to both encryption and decryption and avoids the consumption in key management as well..
However, AES is not the only available encryption technique in DRM. If different DRM systems use different encryption algorithms, then the packager has to encrypt the content many times, leading to a waste of resources and much inconvenience. This is why MPEG developed the Common Encryption, CENC in short. CENC proposed cenc(AES-128 CTR) and cbcs(AES-128 CBC) as standards for encryption. The topic of encryption is complex and nuanced – read more about common encryption in ISO base media file format files.
Step 2: Key and Licence
In step 1, we saw how to encrypt the content and why it’s important. But where does the “key” for encryption come from. In general, it suffices for the content provider to generate the key, passing it to the packager(or the transcoder) and then to do encryption via the key. This is a method we call “private encryption”. However, as for DRM, vendors will provide tools and systems to generate the keys.
Step 3: Key, KeyID and ContentID
Let’s assume that you got a key from a DRM vendor and have already encrypted your content with that key. But when it comes to decryption, how can one know which key should be retrieved from the DRM server for encryption? This is why we need KeyID and ContentID. Key ID is like the identification to a key, while ContentID is a unique code for the video or stream you want to encrypt. Before encryption, you need to generate the KeyID and ContentID. In DRM, the key and KeyID are packaged in the license and stored in a secure server called License Server. During the encryption, the license will be associated with the ContentID and the license URL will be added to the manifest file as well.
Step 4: Decryption and Playback
When a viewer clicks play on the video page, the player first has to recognize whether the video is encrypted or not. Usually some info will be embedded into the manifest to signal that the video is encrypted. When the player wants to play the encrypted video, it requests the license URL from the DRM license server. if the DRM license server is happy with the request, it will provide the corresponding license to the player. Then underlying DRM modules will help to decode the license, extract key from it and then encrypt the content.
This is a simplified explanation of the process. The actual workings of a DRM will be far more complicated. For example, if you want to use DRM in your live streaming business, key rotation will be another factor that you should take into consideration.
There are a number of DRM solution providers in the market today, with their own distinct features and capabilities. Here are three of the most popular ones that businesses can explore:
- Widevine: A DRM solution that comes with content protection, fully featured HTML5 video player with adaptive streaming and standardized formats which allow users to play anywhere after encryption.
- PlayReady: A set of DRM technologies from Microsoft that has features such as the ability to control expiration date, resolution, type of screen and other aspects of video playback.
- Fairplay: A DRM system from Apple that lets you securely distribute streaming digital media using the HLS (HTTP Live Streaming) protocol. It is natively supported on iOS, tvOS, and macOS.
Benefits of Digital Rights Management
Aside from protection of copyright content from unauthorized users, DRMs also offer various indirect benefits:
Maximizing the ROI for your content
If your intention is to generate revenue from content, it is natural to be investing heavily in production, especially for videos and livestreams. All that investment can be lost if someone else steals your content and makes money off it. DRM ensures that you don’t lose out on potential revenue and instead maximize your ROI by preventing others from profiting off your content.
Prevention of unintended use
Sometimes, you want to deliberately control access to your content if you only want a select audience to be viewing it. For example, when you are streaming a video, you may only want it to be viewed on a set number of devices or screens and for a specific number of times per individual user. DRM can also help with this as it can allow access based on these rules and restrict the content as soon as the rules are broken.
More trustworthy partnerships
Businesses that provide or distribute content may often need to enter into third-party partnerships for various reasons such as better reach, cost reduction or for access to better streaming technology. In these partnerships, data security can be a concern as you will have to trust the partner to follow your best practices and to protect your content from unauthorized access. With DRM, you can avoid these concerns as the technology does the job of protecting your content and ensuring data security, so you can focus on building meaningful relationships with the partner.
Additional layer of security
Traditionally, encryption technologies such as AES have done a good job of protecting content, especially images and video, from being accessed without authorization. However, these may still be ineffective against more crude techniques like screenshots, downloading and manual recording of the video plays. DRM tools can add another layer of security on top of AES by deterring such methods.
DRM Implementation Examples
DRM software can be implemented in a few different ways depending on your business and specific use cases.
Some DRM implementation examples are as follows:
- Protecting creative works: For preventing unauthorized use of creative content such as films, music, apps and other formats which are protected under copyright laws. Even business brands can use DRMs to protect their assets such as logos and advertising campaign material to protect their brand image.
- Securing enterprise data: Enterprises can also use DRMs to protect their sensitive data, product documents and business plans which need to remain confidential until a public release.
- Preventing software piracy: For technology firms to protect their licensed software from being pirated and used by non-paying users.
DRM systems can also work with other types of software such as digital asset management (DAM) platforms to uphold secure access to assets and content management systems (CMS) depending on your workflow.
How CDNetworks Help to Add DRM to Contents
CDNetworks provides DRM for both video on demand and Live Broadcast. Our all-in-one DRM solution contains transcoding server, license server, key management server and CDN. With CDNetworks Media Acceleration VoD and Media Acceleration Live Broadcast, you can experience all the benefits of DRM and secure your stream. No additional expenditure on hardware and DRM infrastructures is required.
Besides DRM, CDNetworks also offers businesses a number of solutions to broadcast your video content securely. Enjoy a secure video streaming by encrypting the content itself, guarding the delivery and control the viewing access!