We once again sat down with Maria “Mascha” Malinkowitsch, director of product management for Counterspy at Verimatrix, to discuss what she sees as some of the key themes within the anti-piracy arena this year and onward. Here are some of her most poignant insights:

Q: AI is making noise everywhere. What’s its role in video piracy?

Pirates are now using AI to steal content by cleverly circumventing protections. Bad actors will use it to figure out how to most efficiently and effectively steal video. And they’ll be using AI to exclude things like watermarking. Simply put, hunting down AI-based piracy is going to be more difficult for many. After all, pirates now use AI to:

  • Harness deep learning abilities for detection evasion: AI can be trained to modify stolen video content in such a way that it is able to evade being found by automated content recognition tools. This can include altering video frames or changing audio tracks.
  • Automate video content extraction: AI can automate the extraction of high-quality content from legit platforms. This can even potentially involve bypassing encryption and DRM.
  • Take advantage of cloud-based distribution: AI helps thieves not only manage but also distribute video content through cloud services, making it more difficult to identify and stop illegal streaming.
  • Find new content to pirate: AI-driven bots can scrape for new, valuable content, upload the material, and even manage the distribution network. 

Providers need to have partners who are on top of such threats and know how they operate. AI must be embraced as a tool to use against AI-based piracy. After all, if pirates depend upon AI, so should you to maximize the protections for your high-value content.

Q: How do you describe the size of the piracy problem?

Industrial-scale piracy is a clear and growing trend. A super cheap subscription website that is obviously a piracy play is a big and growing threat. And therefore, CDN leeching is big. If you want to stream content for a really cheap price, CDN leeching is a good way to reduce costs. 

Also, legit apps need to be able to address tampering, react, and take decisive action quickly. They need to be able to implement watermarking and content protection measures with ease in order to protect their revenues. Polymorphic protection is now very important. Every time an application is updated, it needs to be brand new and difficult to impede. And thus, criminals have to start from scratch each time the app is updated. It’s quite frustrating for the bad actors. They hate it. 

To make that happen, the protection being applied should be as low effort as possible. As we all know, a big engineering team in the OTT world is expensive, so each update and protection should be LOW CODE and FAST AND EASY. You should try to minimize your effort while maximizing the deterrent. 

Q: What are the ongoing, hidden costs associated with ignoring video piracy?

Most people in the industry are aware that the biggest competitor for OTT platforms is piracy. Period. They’re not fighting against other OTT platforms as much. So, minimizing piracy is of the utmost importance from a business perspective. To put it bluntly, when your interactions with your platform are 3-4 times more than your number of paying customers, you know you’re losing a lot of revenue.

Just looking at one of our Verimatrix customers in Latin America, where we protect against CDN leeching, we see how subscriptions have increased significantly. Getting subscribers BACK is important. It’s the path to true growth. Just getting back 10% growth in subscribers is a really, really big deal. Providers must otherwise invest in an extremely large marketing effort to come close to that type of revenue growth.

Also keep in mind reputation-related risks. Criminals will reverse engineer and grab ANYTHING they can. Reputational risks are massive and can take organizations to their knees. If it’s clear that credit card information was stolen from a provider, it’s not only embarrassing, but it’s also a business crippler.

Additionally, cybersecurity is key. Why do you need cybersecurity in today’s landscape? The old set-top boxes were known to providers and easier to protect. NOW, where do people watch content? You don’t watch only on your TV, and even then, the internet now brings your content to your TV and other devices like mobile, etc. The expectation is that NO ONE wants to be forced into only using one specific device. 

It’s the wild, wild web out there. It’s not a secure environment. You need to be able to fight back with adequate ammunition. And those tools need to be suitable for your business. You don’t need a rusty sword to fight piracy. The criminals are after not just one thing, such as the content itself, but also credit card information, etc. Providers need something in place that works now, that works quickly, and addresses the future type of attacks. Cybersecurity for content protects against phishing as well as content protection.

Q: What’s next for video watermarking? How is it continuing to evolve?

The industry very much wants to learn about advancements in forensic watermarking and its role in tracking pirated streams. In the end, providers need to adapt quickly. After all, just marking that it’s your content won’t help much. Organizations need to TRACK the criminal and their activity. It can be tricky. Client-based watermarking can be challenging. It needs to be invisible and not impact the user experience whatsoever. If the watermark is visible, criminals can use AI to remove it.

Many try to identify a client with so-called A/B watermarking (i.e., they produce different streams that are combined in a manner to identify the single user). As nice as it sounds, that approach isn’t very effective. Here’s why:

  • The implementation is extremely complex, as you need at least 3 parties working closely together: the CDN provider, the encoding provider, and the watermarking provider. Should any changes be needed later (e.g., due to breaches), this is extremely time-consuming.
  • The solution is very costly, increasing traffic-related costs. That’s especially true regarding live premium events and high viewership moments.
  • When pirates combine 2 streams at random intervals, the extractability suffers enormously.
  • Robustness entirely depends on proper information provided by the clients (i.e., without proper application protection, it is useless).

The answer is client-based watermarking protected together with the application. If the applied protection is done properly, it makes it extremely unappealing for criminals to try to steal the content. In the end, if it’s difficult and takes ages, bad actors won’t attempt it for long. Verimatrix has developed a capability called Verimatrix Deepscan

Verimatrix Deepscan marks the content but also tracks the criminals in an automated manner, and it can review the actual leakage—pointing to the bad actor who stole the content. With Verimatrix Counterspy, it allows you to protect live content in an automated manner and allows you to see who is leaking the content. You can even negatively impact the experience of the many people watching from the false platforms. That’s important because if protection happens too late, the live, expensive event is already over, and it doesn’t really matter. Fast and automated real-time piracy protection is an absolute must.