• No results found

How to Choose the Best DRM Software For Your Mobile Application

N/A
N/A
Protected

Academic year: 2021

Share "How to Choose the Best DRM Software For Your Mobile Application"

Copied!
15
0
0

Loading.... (view fulltext now)

Full text

(1)

Maximizing the Value of Your DRM

Software:

(2)

Table of contents

Introduction ... 3

Defining your needs ... 4

Business considerations ... 4

Technical considerations ... 4

Examining your options ... 5

Requirements analysis ... 5

Studio approval ... 6

App store approval ... 6

Support for multiple business models ... 6

License management – persistent backup ... 7

Customization and application integration ... 7

Complete streaming and playback support ... 7

Up-to-date support for Microsoft PlayReady Compliance and Robustness Rules ... 8

Android and iOS device compatibility support ... 8

Hardware acceleration ... 8

Multi-screen streaming capabilities ... 9

Implementation and delivery support ... 9

Advanced security and anti-hacking capabilities ... 9

Trusted Execution Environment (TEE) support ... 10

Forensic watermarking support ... 10

Features checklist ... 11

Critical strategic questions to ask about vendors ... 13

Pricing and cost of ownership considerations ... 13

(3)

Introduction

When you are planning to deploy a premium content offering that includes the delivery of studio and high-value content to mobile and stationary PCs, set-top-boxes, gaming platforms and media extenders, it becomes necessary to secure the files to prevent theft and enforce content licensing requirements and business models. This requires a Digital Rights Management (DRM) solution that meets the established content security requirements while supporting the broadest possible access to the media content from the widest number of devices.

Choosing a video security solution—encompassing stream protection and DRM capabilities—can be a difficult maze for many organizations to navigate. A transition away from proprietary technologies, such as Adobe Flash Player, has created a landscape of options. To be able to provide consistent, secure, and high-quality content to an ever-increasing number of device types and still be open and flexible enough to accommodate changing consumer preferences are significant challenges in over-the-top (OTT) video delivery.

Finding the right DRM solution to meet your needs is key to a fast launch and hassle-free deployment of a highly scalable media offering with low-support requirements. The perfect software solution for your organization should fit your business model, get you to market quickly, save you hundreds of man-hours and thousands of dollars, and make all of your customers happy. These factors are critical to the success of your project, but it also has to come in under budget too, right? Finding the right DRM software can definitely be a daunting task and there are many points to consider: it needs to meet both your business and technical requirements and address a wide variety of challenges in a constantly changing environment.

Even if you do manage to find the right software, there are still plenty of pitfalls you will need to avoid.

Implementation may take longer than expected. Costs may be higher than anticipated. Consumers may be unhappy with the usability of the solution. In many cases, companies simply settle for the easiest choice because it comes standard with a DRM license or content management platform without doing the necessary research to find the best solution—and then pay the price for their bad decision.

The purpose of this DRM software selection guide is to help you define the path that will lead to the right software and a successful implementation. If you are currently searching for a DRM solution, the next 15 minutes of reading will save you weeks of work, prepare you to choose the right solution, and ensure you get the maximum value from the DRM software you purchase.

Many OTT mobile video application projects can be large, complicated and expensive, which makes choosing the right DRM software an imperative for deployment success. This guide provides an overview of DRM concepts and technology as well as expert advice on choosing DRM software that

(4)

meet your organization’s security and business requirements. For discussion purposes, we will consider a mobile video application to be any application that can be downloaded and played on a device ranging from a mobile phone or tablet to smart TV or a set-top-box.

This paper will walk you through the key steps to buying DRM software. This guide and the associated checklists include product selection, implementation, service, and business requirements—all of which will impact the benefits you receive and the total cost of ownership (TCO) of your DRM solution and ultimately your application.

Defining your needs

Business considerations

When implementing a DRM solution for your mobile application, you need to consider its ability to support your business model and its flexibility to change as necessary. Key questions to ask include:

• Does it support the delivery of content anytime, anywhere to any device?

• Will it work across a range of content providers, OEMs, service and network providers to deliver the features and functionality for a variety of premium entertainment scenarios?

• Does it support flexible business models and enable a range of user scenarios including subscription services, advertising, rentals and single purchases?

• Will your application meet distributor requirements and quickly pass submission requirements for “app stores” such as Apple iTunes and Google Play?

• Will the DRM meet the security requirements set by content owners?

• Will the protection be approved for both offline download and play as well as streaming content?

• Will it be global-ready with subtitles, closed captions and multi-audio features? Technical considerations

There are numerous technical considerations based on the diverse number and type of devices and the number of operating system versions. For example, consider backward compatibility and support for the increasing number of Apple® iOS and Android operating systems.

• Will it provide optimum security to protect against jail-breaking and rooting of devices? Will it support multi-screen viewing schemes such as Airplay and Miracast?

(5)

• Will it support emerging protection platforms such as Trusted Execution Environment (TEE) deployments?

• Will it support a variety of media players and content delivery mechanisms?

• Can it handle the large variety of streaming formats and codecs?

• And most notably, does it have guaranteed compliance with Microsoft® PlayReady® Compliance and Robustness Rules?

• And last but not least, how difficult will it be to integrate?

Examining your options

There are two principal options to consider which ultimately affect the level of effort, required resources, robustness, user experience and time-to-market of your video application:

Your first option is to use a light, minimalist Software Development Kit (SDK) with no (or a basic) media player included, no security features and no media format awareness. The benefit of this option is that it is completely customizable. However, at the same time, this approach requires expertise in video technology and security to properly implement DRM, adding to the time and effort of application development.

Your second option is to use a rich SDK including a full-featured media player with full media format awareness, complete security measures, robustness and compliance, plus extra features such as offline playback, multiple subtitles, output protection, etc. For most application developers, this is the preferred approach since it requires less expertise in security integration and generally meets compliance requirements while significantly reducing the level of effort and the time-to-market.

In this quickly changing environment, the best approach is to choose a DRM that supports industry standards to avoid getting locked into a single proprietary approach which could add to your costs down the road and limit your flexibility to deliver the optimum consumer experience.

The rich SDK approach generally meets the needs of most organizations and, given its broader applicability and ease of use, is the recommended approach. This paper will provide the essential “must-haves” and considerations for purchasing a rich SDK option.

Requirements analysis

A video application needs to satisfy numerous requirements to support a scalable media service. It needs to be approved by content owners, network operators, and app store owners. It also has to deliver a seamless high-quality experience to the consumer end-user across a number of different devices and platforms. The following is a list of critical business and technical requirements that should be considered for any client application.

(6)

Studio approval

A good measure of the quality of the solution is whether the major Hollywood film and TV studios have approved it. At their core, DRM technologies help video publishers secure their content by providing control over functions such as payment terms, approved devices, and copy and sharing permissions. This provides safeguards against unauthorized use, piracy and other terms of use violations, allowing publishers to reinforce their business models and distribution agreements. In general, application developers should be seeking a studio-approved form of DRM, providing a high level of video security for online delivery. To obtain this approval, video assets are individually encrypted and packaged with unique individual encryption keys at the origination point to provide proper security. Any solution without studio approvals and recommendations should be eliminated from consideration.

App store approval

Most video applications are downloaded via app stores such as Google Play and Apples’ iTunes App Store. These app store providers are exerting more control over the applications they make available to protect consumers against rogue and malicious applications. Apples’ App Store is among the most stringent and maintains rigid requirements to approve an application for distribution. An application could be rejected for a variety of reasons. To ensure that the application does not get rejected, you should make sure that there are no components of the SDK or client application that violate these policies. Some DRM applications have not been designed with this need in mind and do not properly implement control over personal and device information. Some typical problems include making use of a Unique Device Identifier (UDID) and other personally identifiable information, which violates store policies. To avoid these issues and potential costly delays you should look for a vendor who is approved and recommended by app store owners and has a number of applications using their DRM in these stores.

Support for multiple business models

There are a variety of different business and revenue models that are being used to accommodate consumer preferences for viewing and paying for content. Consumption models range from in-home to on-the-go, switching viewing from large screen to small screen, which can encompass both offline and online experience, and a variety of services like OTT, Video-on-Demand (VoD), and Live TV with Catch-Up. These could be offered with multiple payments and monetization options including subscription services, advertising-supported viewing, rentals and pay-per-view fees for single purchases. Being able to deliver any or all of these options is vital to the success of any content delivery service. Consequently, DRM software must support all these options and provide features such as license pre-delivery and silent license delivery for subscription services.

(7)

License management – persistent backup

Device transferability and backup are important to consumers. A consumer-friendly application must be able to properly access and retrieve license keys to deliver a seamless end-user experience. If consumers need to wait to download and install license keys they will be frustrated and possibly lose access to previously purchased content. For Apple iOS devices, backup and restore of licenses and keys should be included in the iOS backup and restore process. This means that restoration of a backup to a clean device will include any previously downloaded licenses. Otherwise, all required licenses must be downloaded again. Your application (and DRM software) must take this into account in case stored licenses are lost or need to be transferred to a new device.

Customization and application integration

You want your application to have your own look, feel and branding but that does not mean you need to write custom code for the whole application. A complete DRM software application should allow you to extend your brand with a minimal amount of effort:

• It should be able to seamlessly integrate with existing applications and Graphical User Interfaces (GUIs) to deliver branded services to all types of connected mobile devices with a very short time-to-market.

• It needs to provide easy-to-use and well documented functions allowing quick integration with your application, ensuring unified branding and user experience across platforms.

• It also needs to support enhanced offerings with specific content such as subtitles, multichannel audio or closed captioning.

• The DRM application should provide an easy-to-use software library for application integration, and the functions need to cover all the different DRM technologies supported.

• A key feature to expect is the ability to design functionality prior to executable code generation. This feature will save time on integration as it is done only once and the actual deployed DRM schemes can be chosen at code generation.

Complete streaming and playback support

Consumers expect to be able to view their content online or offline with the highest quality, regardless of screen size, or streaming method. DRM software must not degrade the viewing experience and must be robust enough to support a number of viewing conditions. Consequently, the DRM software must support various adaptive streaming protocols for both live and VoD: Apple HTTP Live Streaming (HLS), Microsoft Smooth Streaming, and MPEG-DASH. It must also support progressive downloads and local playback with Common File Format (CFF - UltraViolet) and Protected Interoperable File Format (PIFF). It must also support closed captions and subtitles, and have audio capabilities for multiple tracks or languages.

(8)

Up-to-date support for Microsoft PlayReady Compliance and Robustness Rules

Microsoft PlayReady is one of the most widely used DRM schemes and any client-side DRM application needs to meet the latest Compliance and Robustness Rules. These rules specify the required behaviors of the Microsoft PlayReady implementations and of the software accessing these implementations. Compliance Rules describe how content may be accessed and passed using specific policy rules, and cover the allowable external outputs for Audio-Video contents. For example: what is allowable for uncompressed digital video (e.g., HDMI/HDCP), what is allowable for analog outputs such as CGMS/A, configuration of wireless outputs such as AirPlay and Miracast and many other configurations. Robustness Rules specify different Microsoft PlayReady assets and the levels of robustness required to protect each asset type. Maintaining adherence to these rules is a massive undertaking, especially given the enormous fragmentation of Android devices. Vendors are forced to extend a lot of effort to ensure Compliance Rules adherence on a wide variety of devices on the market. Failure to comply with these rules can result in costly delays to any service using the Microsoft PlayReady DRM scheme.

Android and iOS device compatibility support

Ensuring a consistent user experience with proper content protection is extremely challenging across both Android and iOS devices. There are over 18,000 different Android device models on the market running different versions and implementations of the Android OS. Furthermore, both Google and Apple release new OS versions multiple times a year. As a result, it is imperative that the DRM software is backward compatible and that the DRM software has been tested on the wide variety of OS versions and devices. It is important to ensure that a vendor has a strong track record of platform experience, has done extensive testing on devices, and is capable of providing swift and guaranteed support for frequent new OS versions as they are released.

Hardware acceleration

A DRM scheme involves the use of cryptography, which is resource intensive, and can affect the user experience if not properly managed. To provide a high quality of service and a premium user experience, DRM software should not contribute to degradation of the service due to the execution of security functions and, in fact, should incorporate hardware acceleration into its design to improve performance.

DRM software should also integrate with video players on platforms with their own hardware acceleration, and then leverage it for optimum media playback.

As an alternative, it should be possible to deploy the DRM software application with a third-party media player (for example, in cases where the native player does not have codec support) without performance consequences. This option excludes the hardware acceleration for media playback and relies on hardware acceleration capabilities for the DRM software.

(9)

Multi-screen streaming capabilities

To accommodate the growing trend of “anytime-anywhere” intermittent viewing that can transition from mobile small screen to large screen displays, DRM content protection must support technologies such as AirPlay and Miracast wherever they are deployed. With many consumers receiving content on mobile devices, the ability to project to large screens has become expected. Miracast is a peer-to-peer wireless screencasting standard formed via Wi-Fi Direct connections in a manner similar to Bluetooth. It enables wireless delivery of audio and video to or from desktops, tablets, mobile phones, and other devices. It allows users to, for example, echo display from a phone or tablet onto a TV, or watch live programs from a home cable box on a tablet. To take advantage of these technologies requires that DRM be properly implemented to support it. Both the sending and receiving devices must support Miracast for the technology to work. Airplay works in a similar manner on Apple devices and carries the same expectations. With consumer expectations for multi-screen viewing at an all-time high, Airplay and Miracast support should be included in any selection criteria for DRM software.

Implementation and delivery support

Providing the software is not where the DRM vendor’s responsibilities stop. To ensure rapid implementation the software vendor should provide detailed documentation including release notes, integration guides, building instructions and software library help files. Proper implementation will also require access to extended test suites containing a full range of

protected content and licenses. You should look to ensure that the test suite is available to customers and related third-party vendors throughout the implementation.

Advanced security and anti-hacking capabilities

Protection from professional pirates looking to profit from illegal sale of content, and from highly skilled amateurs looking to gain illegal access for personal use and distribution, requires an understanding of a variety of threats and of vulnerabilities on both the software and hardware. It also requires a deep security expertise to build in protections that are not often found in standard DRM software.

To achieve the necessary level of protection, all components of the DRM software client need to be protected with security components such as secure storage, encryption functions, sensitive code and data

(10)

obfuscation, and code integrity checks. These technologies allow the service provider to disable the application and revoke all content licenses in case of abuse or hacking. Critical security features must include: anti-hacking, a security and robustness shield, device rooting and jailbreaking detection as well as output protection level control.

Further hardware security features of the platform, such as the Trusted Execution Environment (TEE), the Secure Content Path (SCP) and Side-Channel-Attack-resistant cryptography blocks will be used and properly managed to enhance the protection and match the latest studios’ security requirements for premium content distribution.

Trusted Execution Environment (TEE) support

Future proofing your application is highly recommended and will save you time and expenses as the market moves forward. The emergence of TEE is a main component of this approach. A TEE is an isolated, secured Operating System (OS) that can be programmed into hardware and is partitioned from the main OS (aka Rich OS), for example Android. Security can be maintained as an inherent feature of the device, without degrading system performance, thus enabling applications, such as DRM or mobile payment, to run as protected applications.

The TEE only runs approved applications and is not vulnerable to threats such as malware and viruses that could affect the Rich OS. Mobile video applications are one of the major use cases TEE was designed for. They can be delivered as downloadable applications that are restricted to run in the TEE, providing even greater protection of the content and licensing. To take full advantage of TEE security, DRM software must be designed specifically to support a TEE.

Moreover, in order to offer the right protection level requested by studios for Ultra HD/4K content (MovieLabs Specification for Enhanced Content Protection – V1.1), this TEE should be complemented by a Secure Content Path (SCP), a secure Root-Of-Trust, and should guarantee a full resistance to complex hardware attacks. The SCP is the secure means to protect the content during all the processes happening after its decryption and until its display on a screen. The secure Root-Of-Trust guarantees that the application cannot be altered by malicious software.

Forensic watermarking support

Video watermarking is a technology to deter end-users from illegally leaking content. To do so, an invisible forensic watermark is embedded within the content to uniquely identify the device or the recipient to whom it has been delivered. This technology is robust protection against standard and advanced attacks, including screencasting and recording by camcorder.

With the benefits of forensic watermarking and secure DRM in one single package, premium content distribution is protected and pirates can be easily identified.

This complementary bundle also guarantees full compliance with the studios’ security requirements (MovieLabs Specification for Enhanced Content Protection – Version 1.1).

(11)

Features checklist

The following is a list of specific minimum features and functionalities that should be included in DRM software applications. This list takes into account backward compatibility and near-term emerging technology requirements.

Content delivery

Online and Offline HLS streaming ✔

Online and Offline Smooth Streaming ✔

Online and Offline MPEG-DASH streaming ✔

Live TV ✔

Multiple audio tracks streaming with Smooth Streaming ✔ Multiple audio tracks streaming with MPEG-DASH ✔ Multiple audio tracks streaming with HLS ✔ Media codecs H.264 ✔ VC-1 ✔ HE-AAC v1 and v2 ✔ AAC-LC ✔ DTS ✔ Security Integrity checks ✔ Ant-debugger checks ✔ Code obfuscation ✔ Jailbreak/rooting detection ✔

TEE integration (optional if needed) ✔ OS and device support

Android 2.3 and later ✔

iOS 7 and later ✔

iPhone 6 Plus ✔

iPhone 6 ✔

iPhone 5S ✔

(12)

iPhone 5 ✔

iPhone 4S ✔

iPhone 4 ✔

iPod Touch 5th and 6th generation ✔

iPad Air 1 and 2 ✔

iPad 2 and 3 ✔

iPad Mini 1 to 3 ✔

Microsoft PlayReady support

Microsoft PlayReady 2.5 and 3.0 ✔

Persistent license (offline content playback) ✔

Non-persistent license ✔

Output Protection Levels with HDMI/HDCP control ✔ Microsoft PlayReady license pre and post-delivery ✔

Domain support ✔

Offline secure certificate provisioning ✔

Key Rotation (Live TV only) ✔

Scalable License Chaining (Live TV only) ✔ Multi-screen support

AirPlay ✔

AirPlay Mirroring ✔

Subtitle delivery to AirPlay ✔

Miracast ✔

Other

Standard License Chaining ✔

Local file playback ✔

Mediaroom support ✔

Player controls (Play, Pause, Seek and Stop) ✔

Player re-skin and customization ✔

Subtitles / Closed captions / Timed Text Markup Language 1 (TTML 1) ✔ (External and Embedded)

Ultraviolet 2.1 ✔

(13)

Critical strategic questions to ask about vendors

DRM is a unique area requiring understanding of mobile platforms, content delivery and protection, and advanced security. So, in addition to making sure the above features match your requirements, you want to make sure the vendor has the experience and expertise to deliver now and in the future. The following list covers the strategic and qualitative considerations that form a solid vendor relationship:

1. How well does the solution satisfy your most important requirements? 2. How user-friendly is the solution?

3. How compelling are the vendor’s references? 4. How easy/complex is the implementation? 5. How customizable is the solution?

6. Does the vendor offer excellent support and speedy service? 7. Does the vendor have customers similar to you?

8. Does the vendor have deep experience in mobile? 9. What are the vendor’s security qualifications?

10. How innovative is the solution, compared to others on the market?

Pricing and cost of ownership considerations

When evaluating vendors be sure the complete pricing model is well understood and that all features are included upfront. Rights to all features should be included for one price as opposed to being made available as add-on pieces, which can become costly and reduce flexibility. For example, some vendors charge extra for different functionality such as streaming modes, offline downloads and other features.

When making a selection it's important to consider this list of essential features and be sure that there’s no hidden pricing for these critical components. Total cost of ownership is a function of the pricing for the feature-set in addition to how well the software is designed, documented and supported. While some vendors may offer the client software for “free” as part of a larger DRM or content management system, there could be high hidden costs for software that lacks in features, isn’t well tested on multiple platforms, is difficult to integrate, does not receive frequent updates and doesn’t have a company with experienced and available support staff.

(14)

Conclusion

In conclusion, if your goal is to deliver an application that provides a premium consumer experience while minimizing the cost and time-to-market, selecting the right DRM client software is essential. Downloadable DRM client applications offer many advantages and can reduce DRM implementation costs and time-to-market dramatically by eliminating the dependencies on device manufacturers for embedded DRM solutions. You should only consider downloadable DRM applications that are based on industry standard content protection, that provide a clear and easy-to-use software library for mobile application developers, and allow for the rapid creation of branded secure mobile video applications across all tablets and smartphones. Selecting software with demonstrable success under real-world conditions, and that enables distribution of protected high-value content in a single uniform and secure way across all supported platforms and devices, is paramount to success. If you consider all the above-mentioned criteria and select software that is designed to operate with any standard DRM server, you can deliver a premium product quickly and cost effectively along with the ability to provide end-to-end content protection that enables immediate deployment.

About INSIDE Secure’s Content Protection

Solutions

INSIDE Secure® provides the most comprehensive portfolio of security technologies, hardware, software and IP based solutions to meet current and future security requirements for even the most demanding markets. It provides a hybrid hardware and software solution to meet the stringent HD/UHD premium content distribution requirements.

Based on expertise acquired over 25 years in the security industry, INSIDE Secure helps its customers choose the right content monetization and asset protection strategy without sacrificing the ability to access content from any platform, whenever and wherever. More than 80 companies— including major studios, broadcasters, telecom operators, and multimedia compatible device manufacturers—already trust INSIDE Secure’s content protection solutions to deliver services to more than 100 million active users.

More information?

http://www.insidesecure.com/Markets-solutions/Content-Protection-and-Entertainment

Contact

(15)

References

Related documents

This paper uses a cross-section approach to study the impact of wives’ work on inequality in household income distribution in the European countries that are characterised

CYBER SECURITY DEFENSE MATRIX Protect Physical Process Technical Detect Physical Process Technical Respond Physical Process Technical.. CYBERSECURITY

(2003) performed CCN measurements during the Cooperative LBA (Large-scale Biosphere-Atmosphere Experiment in Amazo- nia, 1998) using a static diffusion cloud chamber between 0.15

23 Concern: Lower High School Graduation Rates 25 Concern: Increasing Due Process Cases 26 Concern: Insufficient Resources 26 Benefit: Increased Professional Collaboration

high-temperature solid insulation material adjacent to all winding conductors either bare or insulated (including all conductor insulation, spacers, strips and cylinders in

In this way, the less e±cient contestant is willing to choose a di®erent design location than the design chosen by the more e±cient ¯rm, and the sponsor has a higher probability to

Because a robust competency model can help to align practice and academic priorities, graduate programs in public and health administration are working to develop and adopt

In a study of the black adolescent identity in post-apartheid South Africa, Stevens and Lockhat 1997, have discussed a number of pertinent issues regarding the problem of