CDSA

Taking piracy detection and anti-piracy to a platform level allows organisations to identify gaps and recapture opportunities that were once thought to be lost, according to Verimatrix, a developer of security software for digital TV services.

By combining classic data centre and transport security with app-level and code-level security, media stakeholders and distributors can now take a surgical approach when fighting piracy that wasn’t possible before, Verimatrix says.

Although protecting infrastructure is fundamental, taking this platform approach extends traditional cybersecurity to the service edge and beyond.

“One of the things that became apparent was that not everybody’s … aware that cybersecurity threats and anti-piracy threats have sort of come together” and are “converging” now, Jon Samsel, SVP of global marketing at Verimatrix, said April 23 at the Anti-Piracy and Content Protection Summit in Las Vegas, during the session “Cyberpiracy: How Industrial-Scale Attacks Are Driving Security Innovation In Media.”

Media companies, telcos and content producers are all “dealing with threats and dealing with attacks at different levels,” he told attendees and those viewing the session online.

The most important issues are “what’s happening in the market, what are the threats that are happening, how are people responding and how are they fusing cybersecurity and anti-piracy to deliver security in new ways,” he said.

Noting that his company has been spending a lot of time over the last couple of years dealing with app security, he explained: “What we do is we basically have an app that needs protection and we inject that app with a hardening agent and we allow that app to have layers of security that make it very, very hard to penetrate the app but it provides us with some telemetry. It provides us with two-way information [on what’s] happening on the app, and then we’re able to bring this back in a dashboard, look at the monitoring and be able to tell everyone about this app.”

The “interesting thing about this” strategy is that “we’re able to combat the app piracy … through telemetry,” he said, adding: “We’re doing it through zero code implementation, and this is causing a lot of interest in the market.”

Verimatrix is “taking this technology now and saying, ‘Hey, how can we push this technology into more traditional areas of anti-piracy and put it into the app, inject this technology, [and] inject a watermark into the app instead of just hardening the app,” he explained.

At this point, “we’re able to trace and track what’s going on at the app level [and] at the device level,” he said, calling the technique “sort of revolutionary” in that it’s a “really new concept of being able to understand where piracy, where the threats are happening” at the app and device levels.

In response, moderator Steve Hawley, managing director of Piracy Monitor, a market intelligence and marketing communications service provider that specialises in piracy and anti-piracy solutions, said: “When I think about cybersecurity, what I normally hear in conversation is I’m protecting infrastructure…. And it sounds like what you’re saying is the consumer end point also plays a role in this process.”

That is correct, Samsel said, noting: “If you think about it, the consumer end point is the biggest threat extension that’s out there. Take a media app with millions of app downloads. All of those devices that are using that app are unprotected and there are millions of unprotected devices. Those devices could have malware on them, could have other malicious things on them. Those are attack vectors back into the enterprise that’s hosting the information and people haven’t been thinking about the app and the device level as a threat to the enterprise.”

Now, however, “we’re starting to see that people are looking at this more holistically – that the app and the device is an entryway into sort of the security wall,” Samsel said.

Many companies spend millions of dollars a year on enterprise security but “they have a hole in that wall,” Samsel noted. “And that hole in that wall is through the app, and they’re not protecting it. And so what we’re trying to do is we’re trying to create awareness around this, and we’re trying to say, ‘Hey, listen; that one app on that one unprotected device that could have that threat is something that you need to protect against.’”

Despite new anti-piracy technology, “there’s always going to be a place for traditional types of anti-piracy solutions,” he said.

Verimatrix uses watermarking and has different “reveal and takedown services,” he pointed out. “But I think the thing that’s new here is that we’re able to inject a watermark down to the app level [now so] we can actually see what’s happening by device [and see] where are the threats coming from by device,” he explained.

If the company wants to serve up a warning message, shut down a service or degrade pirated content, “we have a variety of surgically precise tools that we can actually roll out across a score of devices or a set of devices, or all the way down to an individual instance,” he said.

“That’s really what’s changing. We’re able to have fine-tuned responses to privacy at the device level or at the app level,” he added.

The 2022 Anti-Piracy and Content Protection Summit was presented by Richey May Technology Solutions, with sponsorship by Convergent Risks, NAGRA, Verimatix, BuyDRM, EZDRM and Vision Media. Produced by MESA, in association with the Content Delivery and Security Association (CDSA), the media partner for the show was Piracy Monitor.

To learn more about CDSA visit: https://CDSAonline.org

To find out more about upcoming MESA events or to get involved as a sponsor please contact Evie Silvers at [email protected].