CDSA

Preventing the piracy of premium studio content continues to be a major challenge for media and entertainment (M&E) companies. One might think that as digital rights management (DRM) technologies have matured over the past few years, so would their capabilities. But the technological landscape has become even more fragmented, according to content security services company BuyDRM.

Unfortunately, the lack of a centralised platform to “lock down” creates opportunity zones for pirates. You have probably heard the mantra “every screen and every device.” After all, it’s a rallying cry for marketers in nearly every segment of the video industry. But some of those screens and devices are much more secure than others.

“Consumer DRM has been a mainstay in content protection since the early days of the streaming industry but piracy continues to grow,” Gabe Elton, director of sales at BuyDRM, said March 22 during the session “Is DRM Flawed? Closing the Gaps in Your Content Protection Strategies” at the eighth annual Content Protection Summit Europe.

The event was held in conjunction with the sixth annual Content Workflow Management Forum at the Cavendish Conference Centre in London and as virtual events via the MESAverse, allowing for remote attendance worldwide.

During the session, Elton explored some of the past flaws in DRM, how current approaches to DRM being used by M&E organisations could be flawed, and how improvements in DRM technology, combined with watermarking, can help close the gaps in content protection strategies.

“The main problem that we’re facing with DRM today is screen recording technology,” Elton told viewers. “It’s by far the most prevalent form of piracy in the world and DRM does a great job actually of only allowing authorised users to view content. But, in many cases and, in fact, most cases today, it cannot prevent those users from using screen recording technology.”

The reason that’s the case is “because the most prevalent DRM in the world is Widevine and Chrome is the most prevalent browser in the world,” he noted, explaining: “In order to prevent screen recording, you have to force hardware-based decryption and this happens within a trusted execution environment whereas, in a browser-based, software-based decryption, that happens within the content decryption module. And the only way to prevent screen recording with DRM is if the browser and the DRM [are] native to the device, which is obviously Play-Ready for Internet Explorer and Microsoft Edge on PCs, Widevine and Chrome or some other Chromium browser on Android or Chromebook, and FairPlay with Safari on Mac and iOS.”

Elton added: “The problem here is Google has no home. Widevine is easily defeated with screen recording technology and the reason for that is because PCs and Macs, by far, dominate the operating system market while Google dominates the browser market. So this means that on 90 percent of desktops, more than 70 percent of those users’ browser of choice is either Google Chrome or some other Chromium browser that does not have hardware access and, therefore, screen recording cannot be prevented.”

This problem is “so prevalent that most studios limit the resolution to 720p with Google Chrome,” he pointed out.

However, major changes are on the way and “all of this is going to change very shortly,” he said. That’s because Microsoft and Google have reached an agreement that will give Widevine access to the hardware environment on PCs, he said.

That is a “big move” and, as a result, “one of the largest gaps in content security, which has allowed piracy to flourish is about to be closed,” he said.

But gaps will remain, he warned, noting Widevine still doesn’t have hardware access on Apple Macs and “no DRM technology is going to prevent anyone from setting up an HD camera in front of the screen and recording it.”

His recommendations are for M&E organisations to always enforce the strictest level of DRM available whenever possible, give the highest value content the highest level of security (which may include forcing Mac users to only use Safari), and use forensic watermarking in conjunction with DRM, he said. The latter is the only way to stop somebody from setting up an HD camera in front of a screen and recording content from it.

He also recommended that organisations look into BuyDRM’s KeyOS content security platform.

BuyDRM now offers server-side watermarking but, “in the future, we plan to add client-side watermarking” also, he said, noting it “scales much better for live events.” The company also has one of the largest partner programmes in the industry, he added.

To view the presentation, click here.

To download the presentation deck, click here.

The eighth annual Content Protection Summit Europe was produced by MESA in association with CDSA, and presented by Convergent Risks, with sponsorship by archTIS, NAGRA, Signiant, and BuyDRM.

The sixth annual Content Workflow Management Forum was produced by MESA in association with CDSA, the Hollywood IT Society (HITS), the Smart Content Council, the Content Localisation Council, and presented by Convergent Risks, with sponsorship by archTIS, NAGRA, Signiant, Whip Media, AppTek, BuyDRM, LinQ Media Group, OOONA, ZOO Digital, EIDR and Titles-On.