Created date

July 7, 2015

Content type (localized)



Perfect storm of OTT and UHD raises bar for pay TV security

The arrival of UHD video services will intensify the arms race with content pirates, with many pirates working diligently to capture premium video and redistribute over the Internet. It coincides with the proliferation of high quality OTT video services, highlighting how broadband is now capable of sustaining the bit rates needed for UHD. This is why MovieLabs came out in September 2013 with a specific mandate for protecting its members’ content over UHD services.  These specifications were also updated in 2015.

The stipulation for forensic watermarking in this mandate captured the headlines because although watermarking is an established and proven technology, this is the first time it publicly recommended as a critical component of a pay TV security strategy. Indeed it has already been well proven both in digital cinema and for protection of HD movies within early release windows – by Verimatrix among others.

Perhaps independent of its successful track record, forensic watermarking was included in the MovieLabs mandate because it was the only known technology that could identify individual streams or specific instances of a given piece of content. The marks can be inserted at the server level into individual streams, or potentially within the network as well as by devices themselves, enabling streams to be traced back to various points in their distribution or lifecycle, including the origin server, CDN, access path, device types and the user.

Watermarking can also be quite useful in identifying the weaknesses in specific device models. In such an application, content owners can work with the device manufacturers to modify or upgrade devices to help eliminate the weaknesses.

Yet while necessary, watermarking on its own cannot combat stream piracy. It is one of three security pillars within the MovieLabs mandate, which is likely to be replicated in a similar form by rights holders for other forms of content distributed in UHD, including live sports. It is worth noting that live sports has unique revenue security challenges, but advanced watermarking technology can support the rapid detection of the source of a rebroadcasted live stream. This information could then be used to issue takedown orders or even de-authorize the original viewer while the game is still in progress, disrupting the illegal stream.

The other two pillars are hardware-based security and trusted software security. Each constitutes a different layer of defense, with the hardware pillar providing security inside the SoC (system-on-chip) (or a hardware root of trust) for credentials such as keys, while the second pillar, sometimes described as hardened software, ensures that only privileged logic components can be securely executed by the system, as protection against reverse-engineering, modifications and intrusion, debugging and general hacking.

The key point is that these three pillars are interdependent and reinforce each other to provide a solid overall defense against piracy.  Watermarking for example as the third pillar depends on both the other pillars for the trusted insertion of unique identifiers into payloads.

Verimatrix has built our VCAS Ultra around these three pillars as a coordinated platform for secure chain-of-custody across the UHD ecosystem. We have done this with the help of partners, such as Broadcom and Marvell, who provide the integrated hardware/software cores for the secure cryptographic processing and hardware support for watermarking payload insertion. Through our very secure approach to insertion of marks, we can defend against attacks and further enhance revenue security.

For more details on UHD, watermarking and the three pillars of security, download our paper “The Future of Revenue Security for Ultra HD Video.”