We sat down with Maria Malinkowitsch, Director of Product Management at Verimatrix, and Dr. Klaus Schenk, SVP of Security and Threat Research at Verimatrix, to discuss how Counterspy is setting new standards in content security and the tangible benefits it can bring to the industry.

Q: Can you explain the primary challenges video operators face with digital piracy?

M: Absolutely. The landscape is challenging, primarily due to piracy becoming increasingly accessible for non-professionals using free AI tools and ready-made scripts. It has become a billion-dollar industry of its own. 

Pirates exploit vulnerabilities in OTT streaming apps by stealing authentication tokens and DRM keys, causing significant revenue losses and compromising subscriber data. Beyond the direct financial impact, there’s also the risk of data breaches and theft of ad revenue, which can have severe repercussions for our clients’ businesses.

Q: Klaus, can you elaborate a bit more?

K: We are migrating more and more to a “boxless” future, at least in streaming, with a diverse ecosystem of video apps across various devices. This trend has increased the attack surface of the ecosystem that pirates can exploit. 

They’re attacking weakly protected streaming apps and their environments to extract or manipulate valuable data like access tokens, credentials, and details on the inner structure of video apps. This information allows them to modify and reroute JSON web tokens (JWTs) and license request URLs, essentially granting them access to DRM license keys and, by extension, clients’ content delivery networks (CDNs). 

Alternatively, pirates can use this information to extract content keys directly from manipulated content decryption modules, or they can rip content directly from outputs. Once the pirates get hold of access tokens and DRM license keys, the pirate’s end consumer can directly “leech” the content from the CDNs of the legitimate content distributor. 

Recent estimates show that 30% of the CDN traffic costs are due to such illegal streams. This creates a very appealing business model for pirates since they work at close to zero operational costs. 

The classic “restreaming” of ripped content bears considerable operational costs to the pirates. No matter if content is distributed via CDN leaching or restreaming of ripped content, professional pirates are offering their content to their end customers through appealing mobile or web apps. And there is also the non-profit theft of content via social media posts, using the same methods of content stealing as professional pirates, which accounts for a large portion of piracy in the market.

Q: How significant is the threat from these pirate operations to operators?

M: The threat is multi-faceted and significant. Beyond the direct loss of subscription revenue, operators are dealing with increased CDN charges—especially since pirates tend to favor high-bandwidth 4K/UHD content. 

Ad fraud is another critical issue, with pirates inserting their own ads to siphon off advertising revenue. Perhaps more alarmingly, they’re using invisible overlays in their apps to steal customers’ sign-in credentials and payment card information, posing a substantial risk to both consumers and the reputations of legitimate operators.

Q: What makes Counterspy stand out in addressing these piracy issues?

K: Counterspy is really exciting; it goes beyond traditional methods to ensure top-tier security for media app subscribers, safeguarding content across mobile, web, and even embedded devices. It fills the gap in authentication created by the shift from operator-controlled set top box hardware to retail or app-based OTT clients, allowing operators to distribute content confidently while preventing piracy. 

With Counterspy, each app instance is authenticated and tied to a specific subscriber, ensuring transparency and control over access. By safeguarding the authentication token from theft or manipulation, Counterspy prevents abuse and ensures legitimate access to content. 

Counterspy also monitors the environments of video apps for crafted Content Decryption Modules that may leak keys and marks the corresponding apps as not being eligible to receive license keys for content. Counterspy is covering the gaps and vulnerabilities of existing DRM and watermarking infrastructures.

Q: Can you elaborate on how Counterspy delivers a multi-layered response to these challenges?

K: Counterspy is designed to complement existing DRM and watermarking technologies, enabling a robust, multi-layered security posture. It includes attestation of the app and its critical environment in real-time, app security to prevent reverse engineering, man-in-the-middle attacks (even for web applications), hooking, debugging, and tampering, and sophisticated monitoring to detect and cut off compromised apps at their source. 

This comprehensive approach ensures that only legitimate apps are used, significantly reducing the risk of piracy and data theft. By integrating seamlessly with operators’ existing security measures, Counterspy not only hardens apps against attacks but also offers advanced telemetry and surveillance capabilities to stay ahead of pirates. It also monitors attempts at attacks and identifies the users making these attempts.

Q: Could you share some of the operational and financial benefits realized by video operators using Counterspy?

M: Certainly. One of our customers who implemented Counterspy experienced OPEX savings of $300,000. Perhaps more impressively, they were able to prevent direct piracy losses of $21 million. Directly after implementing our solution, their CDN costs plummeted by 50%, and the subscription growth started recovering. These figures highlight Counterspy’s effectiveness in securing content but also underscore the ROI value.

Q: How does Counterspy integrate into existing systems, and what are its key features?

K: Counterspy is designed to seamlessly integrate into video apps and extend to every consumer device that downloads that app, addressing a significant security gap in the M&E sector. It’s applied to applications via a zero-code approach. 

This does not require coding or code changes to apply it. Its key features include real-time monitoring of suspicious activity, with optional AI-driven responses ranging from displaying warning messages to shutting down compromised app instances. Moreover, it enhances traditional security measures while protecting against data, code, and environmental breaches, as well as securing ad revenue, which is crucial.

Q: Looking at the broader picture, how do you see Counterspy evolving to meet future challenges in digital content security?

M: The digital landscape is constantly changing, and so are the methods employed by pirates. At Verimatrix, we are committed to continuous innovation. This means not only refining our AI and machine learning capabilities but also staying ahead of emerging threats. We’re focused on ensuring that Counterspy remains at the forefront of content security technology, providing our clients with the best possible protection against digital piracy.

Q: How does Counterspy's technology work to tackle piracy effectively?

K: Counterspy’s security agents and protection features are automatically applied to apps, and they protect and monitor the streaming applications and their environments. The protection layer prevents known attacks on video applications in a robust manner. At the same time, data about attempted attacks and the environment of the streaming app is collected. 

This data is used to identify the applications that are safe to receive DRM license keys since their integrity is intact, their authenticity is verified, and their environment is deemed legit. The collected data is also checked against signatures of attacks, which can reliably tell if attackers are getting closer to successfully attacking the streaming applications or environment. These signatures are updated by security experts who permanently monitor new attack vectors. 

Moreover, Counterspy leverages AI and algorithmic techniques to assess the threat level and vulnerability of each app to attacks. This intelligence allows us to take immediate, targeted action, such as forcibly terminating specific app instances successfully used by pirates. Additionally, Counterspy can identify compromised user accounts, integrating with operators’ subscriber management systems to take swift action, providing a comprehensive response to secure content against piracy.

For app hardening, we employ a no-code approach for initial protection, with optional low-code SDKs for finer-grained control, including subscriber identification through forensic watermarking. This approach is dynamic, incorporating intelligence from previous attacks to ensure that our defenses evolve faster than pirate strategies.

Q: Finally, what would you say to video operators who are currently struggling with digital piracy?

M: Digital video piracy is not a challenge that will disappear on its own. It requires a proactive, technology-driven approach. Counterspy offers a comprehensive solution that not only addresses current threats but is also designed to adapt to future challenges. We’ve seen firsthand the positive impact it can have on operational efficiencies and financial performance. My advice would be to consider how a solution like Verimatrix Counterspy can transform your content security strategy for the better.

Q: Thank you, Maria and Klaus.