Higher resolutions and increasing broadband bandwidth are combining to deliver a perfect storm for content owners that is opening a new front in the ongoing battle against piracy. In the early days of pay TV the main threat came from cloning, where a pirate replicates part of a deviceâ€™s software or hardware such that control words can then be extracted and used to decrypt content. Then the arrival of mass broadband services shifted the balance of risk towards control word sharing, where a pirate discovers a common key used to decrypt the content and distributes it, typically via the Internet. But now a third wave of piracy is breaking as increasing bandwidth combined with ever higher resolutions is making it feasible for pirates to acquire high quality content, often legitimately, and then redistribute it over the Internet.
This is starting to tilt the balance of content security away from traditional hardware based Conditional Access governed by encryption and aimed at preventing theft of service, towards techniques that enable unauthorized streams to be detected rapidly and if necessary shut down in near real time. The faster than expected deployment of 4K services by online service providers, such as Netflix, is adding to the problem, since it provides pirates with a source of high quality content that they can commandeer and sell subscriptions or advertising against. Just camcording the picture could potentially yield a stream capable of being monetized by pirates, as was noted by Peter Siebert, Executive Director of the DVB Project Office in Geneva. â€œI think for the first time the picture at home can be better than the picture at the cinema,â€ said Siebert.
Digital watermarking is now widely accepted as having an essential role in tackling content redistribution, by making it possible to track the source of pirated streams back to individual devices or users. It is not to be confused with digital fingerprinting, which also has a significant part to play by enabling content to be identified on the basis of small snapshots extracted from it and stored on a database. Fingerprinting does not involve insertion of any new code but merely recognition of characteristic features of what is already there, just as when applied to humans in crime detection. Watermarking on the other hand involves insertion of additional code that should not be noticeable to consumers during playback and should also resist disablement by pirates. Watermarking is therefore only applicable to content that has had the relevant marks inserted, but with the advantage that it can be applied at different parts of the content distribution chain to enable more precise identification of sources and users of piracy.
â€œDefinitely watermarking is an important part of the puzzle,â€ said Siebert. For this reason the DVB has added hooks to support watermarking in the latest version 1.4 of its Common Interface (CI) Plus specification. CI Plus allows standard TVs to connect to on demand and live services â€œout of the boxâ€, by separating digital TV receiving and decoding from Conditional Access and content security. â€œIn principle this will let you trace back to the individual user and the TV,â€ said Siebert.
The latest CI+ 1.4, which will be deployed from 2015 as it replaces the current 1.3 version, will leave the choice of specific watermarking technology and how to deploy it up to broadcasters, operators and content owners. Careful deployment will be essential, because watermarking is merely an enabling technology providing the basis to identify pirates and streams that are being illegally redistributed, but not solving the whole problem by itself. â€œWatermarking on its own is not sufficient to combat content redistribution because you need processes in place to identify users and be able to shut them down,â€ said Andrew Glasspool, founder and managing partner at UK based TV technology consultancy Farncombe.
This need for the ability to exploit watermarks efficiently and quickly in near real time has been recognized for some years by Friend Media Technology Systems (Friend MTS), a provider of cloud-based video content security technology and revenue protection services. Currently FMTS has a product line called ExposÃ© that searches for clientsâ€™ content on the web that has been posted illegally, and then applies network forensics to trace the path of content back to the source. Network forensics involves various techniques to follow a stream back along the track it has taken, combining network traffic analysis and cross-referencing with IP routing data.
â€œAt the moment we fingerprint content as it is being broadcast, taking a snapshot every half second and indexing that very small piece of code in a database,â€ explained Friend MTS CEO Charlie Tillinghast. â€œWe then search for content, fingerprint what we find, and compare it to the original fingerprints in the database. When a match occurs, we identify the illicit site and initiate enforcement procedures.â€
ExposÃ© is focused primarily on live sports, because this is the biggest target for pirates. The problem with live sports content is that its value is very short lived and so it is not much use just chasing pirates after the event and none whatsoever shutting down a sports stream two hours after broadcast of say a premier league football match lasting little more than 90 minutes. For this reason, Friend MTS has added the new ingredient of digital watermarking to its latest product called Source that is being announced in June 2014, combined with the network forensics and the search technology that looks for streams that appear suspicious.
Source does more than just watermarking though. It tries to identify unusual usage patterns when streams are actually accessed that might be an indication that they are associated with an unauthorised redistribution. â€œWe are trying to identify anomalies that might indicate somebodyâ€™s not a standard user,â€ said Jonathan Friend, Founder and Chief Technology Officer at Friend MTS. â€œFor example somebody might use an account to permanently â€™watchâ€™ a single premium sports channel for days on end, have large numbers of long-running streams from the same IP address, or many other scenarios. It is then highly likely, according to Friend, that these streams are being re-streamed or repurposed and so greater scrutiny can be applied.
Real-time detection and action is similarly important. â€œYou can have all the watermarking in the world but you canâ€™t find the originator if, for example, hours or days later you discover that they were using stolen credit card details to obtain it,â€ said Friend. Therefore Source aims to act immediately to close down a stream, by reading the watermarks, catching the original stream and offering the ability to turn it off in a couple of minutes, according to Friend. â€œThen it doesnâ€™t matter if somebody is using a stolen credit card because youâ€™ve already dealt with the problem.â€ At a later time the perpetrator can be chased up if required.
Although most components of Friend MTSâ€™s Source, such as the search and fingerprinting, have already been well tested in the field, the watermarking part itself has not, so robustness and scalability of the whole system have yet to be proven. â€œNobody has attempted to attack watermarked streams because there arenâ€™t many, if any, watermarked streams out there yet,â€ pointed out Darren Staples, Head of Content Identification technologies at Friend MTS. â€œSo at this stage we can only second guess what the pirates might do.â€
However Staples contends that as far as possible the Company has taken the guess work out of it, by designing an adaptive system that can alter the watermarking scheme in real time in response to detected attempts to tamper with streams. â€œWe know there are going to be smart people who will work around the system successfully, as with any security technology,â€ said Staples. â€œBut because weâ€™re using our monitoring system for fast discovery of possible redistributions, and real-time detection, the watermark embedding is linked to these two processes. Then the code that is embedded in a userâ€™s stream is somewhat controlled by what is detected at the other end. So, in a number of scenarios where people may attempt to tamper with the embedded code we can adapt the code that is embedded and flush out who is trying to attack the system.â€
The ability to respond to the inevitable attacks that will occur is generally accepted as being necessary, as was pointed out by Spencer Stephens, CTO at Sony Pictures. â€œThe only way I know of avoiding content being hacked is to leave it in the vault,â€ said Stephens. â€œIn IT the best thing is to know your networkâ€™s been penetrated and act accordingly. I think the same thing is true here for broadcast systems.â€
Stephens emphasized that content security does have to be balanced against the User Experience. He indicated that trade-offs may have to be made as both broadcasters and content providers play around with the technology, seeking the right balance between security and convenience, just as before with previous content protection technologies. But at least forensic watermarking promises to provide a viable defence against content redistribution that until now has not been available.