Service providers also must protect revenue by ensuring only authorized subscribers access systems, he said. Any compromise of authentication or authorization processes deters revenue generation.
Broadcasters and pay-TV operators generally deliver content in a more controlled environment -- over a managed network to fixed devices, such as operator-controlled set-top boxes. Better hardware and endpoint security simplifies content protection on these boxes, since the platform's cost structure is more flexible.
OTTs, which deliver content over the Internet, usually target a vast number of devices including open platforms. Neither the device nor the network is under the system operator's control. Operators must gain some control via other technology capabilities, such as white-box cryptography and tamper detection.
Out With the Old
As subscribers adopted DVRs, 4K TVs, smartphones, gaming devices and tablets for their viewing pleasure, content pirates evolved from yesterday's clunky videotapes to more high-tech, IP-based solutions.
System operators need a proven and experienced, well-funded content protection partner that provides maximum security to their deployment and delivery updates and enhancements to stay ahead of pirates' new and emerging threats, Ellis said.
Operators can apply a common framework across DRMs to address a fragmented ecosystem, which is posed when devices come with different pre-integrated security solutions, Verimatrix's Peterka said.
"Service providers can solve multi-DRM challenges by providing harmonized rights management across networks and devices for OTT video delivery," he said. "Selecting a framework that allows for the inclusion of any third-party DRM scheme for a harmonized rights platform can ultimately provide complete end-to-end management of revenue security."
Content protection must safeguard content from the point of ingestion to the point of playback on the user's device. Content needs to always be encrypted and the resultant, associated decryption key must then be securely delivered to the end device. The encryption must be an algorithm that content owners have approved. In addition, the solution must be capable of disabling output capabilities on the end device in order to prevent unauthorized distribution via copy control.
"The overall content protection solution is a layered approach which spans many components within the system," said Ellis. "The content protection provider must align and partner with chip providers, device manufacturers and system operators to ensure the proper security capabilities are in place, where necessary."
BROADBAND WORLD FORM New perspectives. New connections. New location
See you in Berlin.
Protection doesn't end there. Operators are strongly advised to square the circle with constant monitoring and enforcement: scan, capture, fingerprint, identify, extract watermark, enforce, and repeat as necessary.
"If you don't know your video content is being stolen, how can you possibly stop it?" said Peterka. "Monitoring of real-time transactions can spot unusual patterns and anomalies that would require a team of experts to achieve by crawling through the web. It is crucial to monitor deployments from the inside out, tracing down sources of illicit redistribution and addressing them is as close to real time as possible."
Watermarking -- an adjunct to content protection -- can identify theft that may have occurred after the fact, often acting as a deterrent than a prevention technique.
"It's in everyone's interest that they each embed their own forensic watermarking or other ID in the content itself, so that when the parties are discussing who allowed which content to leak, there is incontrovertible evidence to show where the leak came from," said Schouten.
For traceability, mass delivery of uniquely marked content to combat revenue leakage in on-demand video service models, including OTT delivery to devices such as smartphones, games consoles and smart TVs, works well, said Verimatrix.
"Server-side embedding processes can uniquely mark compressed -- and even encrypted -- content files during delivery, and it is an important alternative to client-side embedding since it does not require any integration with, or modification to, the client devices," said Peterka. "It is essential that the resulting stream can be decrypted, decompressed and rendered by regular client devices, either in hardware or software. That way, all downstream copies will contain the unique payload, which can be extracted by machine aided comparison with the original content, even after severe distortion or degradation."
Safe and sound?
No technical solutions are 100% watertight. Security is never perfect; it is always a process, said Schouten. It is imperative that service providers upgrade, monitor and track vulnerabilities in a timely manner, he said.
"It is unlikely that piracy will ever stop so it needs to be made harder to achieve. It is not easy or cheap to pirate video content, so one way to reduce the prevalence would be to make it cheaper for subscribers to access legally than for pirates to steal," Schouten said. "Making video content easy and affordable to obtain legally can certainly reduce the negative aspects associated with piracy."
Technical solutions are limited in their ability to control piracy, said Ellis.
"Content protection systems can make it very difficult to extract information from the system, but there is no ability to absolutely prevent it. Security is always rated by how long it would take to 'brute force' it with technology available today; content protection solution's job is to ensure the system is protected in such a way that the pirate is left with only that brute force approach open to them," he said.
With today's available technologies, monitoring and frequent updates, the entire content chain can make it tougher for pirates to illicitly avail themselves of providers' revenue opportunity. This multi-disciplinary approach has as much to do with awareness and partnership as technology.
— Adrian Pennington is a journalist and editor specializing in the creation, business and technology of moving image media. Published in The Guardian, The Financial Times and The Hollywood Reporter, he also copywrites a range of marketing materials for brands and marketing agencies. Follow Adrian on Twitter at @pennington1; on LinkedIn at