Despite Digital Rights Management (DRM) protections, video piracy manages to significantly impact OTT video delivery. The business model of OTT/DRM video delivery means it has been built to maximize reach. Video piracy continues because operators want (and need) to reach everyone owning a device that can play video content – no matter if the playback device is an old or new PC, a MAC, a mobile application or TV equipment such as a smart TV or set-top-box. Open or semi-open platforms like PCs, MACs and mobile devices are especially difficult to protect since debugging facilities and access to all resources is often part of the product. Even when the platform has the pretense of being locked down, for widespread used devices, there is an army of hackers opening it up.

A simple web search quickly reveals news of hacks against the most popular DRMs on these open platforms.  There is a seemingly unending amount of articles documenting the hacks and subsequent countermeasures again followed by a hack.

Hackers aren’t always simply freeloaders trying to avoid paying for content, they are often organized criminals – like all crime, they are looking for a return on their investment. Modern video distribution channels allow for much more efficient piracy: there is no need to have one set-top-box per channel running in a professional video pirate’s operation center, piling up in many racks – just one computer will handle the leaking and redistributing many channels.   

The inherent weaknesses of OTT’s stream distribution and their DRMs on open platforms create a tension between the business models of the content owners and OTT platforms. While the OTT platforms want to get the best content to as many customers as possible; the content owners have long been reluctant to allow premium or new content to be distributed to these open platforms.

As the OTT platforms have increased in popularity, so has their influence. This has resulted in gradual, incremental change. Not so long ago, “4K premium content is only allowed on protected platforms;” then “early release window premium 4K content is only allowed on protected platforms;” and after a while even that early release 4K content has been allowed on lesser protected platforms. 

See how you can protect your content

As the change happened in small incrementally steps it was always easy to argue “not much has changed” and so to ignore the growing piracy problem.

Today, even premium and new content is offered on open or semi-open platforms via OTT and DRMs. Viewers consume the content in number of different ways spanning from web applications to native PC or mac applications to mobile and smart TV applications.

This incremental process of allowing more and more content onto an ever-increasing number of open devices seems to have hit a climax. The industry’s eyes are now open and acknowledging there is a massive piracy problem surrounding these platforms. It’s affecting all content owners and they have no realistic way back to using more secure devices. Viewers – who are now used to watching any content, anywhere – wouldn’t accept the inconvenience.

Given, most OTT providers are forced to employ multiple applications running on thousands of device variants to get the reach they desire, there is little opportunity to use device security or locked down platforms. As a security company, Verimatrix is well versed in this challenge. The key is to consider the asset at risk and designs holistic solutions that protect it. As such, we view the piracy problem as a question of “how do we protect the video stream?”

Streams on open or semi-open DRM-based OTT platforms must be protected. It’s not surprising that the big players in content protection are seeking answers to address this “stream protection” problem. It’s extremely clear that traditional enforcement measures won’t solve today’s piracy problem. The problem statement has changed, and so new solutions are required. This does not mean discarding existing tried-and-tested content protection technologies; rather an expanded toolbox of measures – building on top of DRM solutions – must be used to control piracy.

The following components are required for such a solution on top of the base DRM:

  • A robust multi-DRM system closing the authentication gap to the end consumer.
  • Anti-piracy using a fingerprint or an enhanced watermarking solution in combination with fast web crawling to trace and take down leaks.
  • App telemetry to monitor attacks on the client application running on open or semi-open platforms.
  • Software protection of the client application linked to the app telemetry.
  • Protection at the operator’s content delivery network (CDN) to prevent theft of content directly from the operator’s CDN.
  • Machine learning to process pirate data and automatically detect piracy from the recorded data from the clients.


If the toolbox being deployed to control OTT/DRM piracy lacks one or more of the above components, it is greatly weakened. Why? Since the gaps, which are still left open, can still be anonymously exploited by professional pirates and perhaps even hobbyist pirates. The often-used security analogy is “there is no point locking the door, if you leave the window wide open.”

Ready to dive deeper?

Learn how to launch a secure tv service. 

The above list alone makes clear that only the large market players in content protection can effectively bring together the needed toolbox. Small players simply do not have the portfolio to build a holistic solution. In fact, such solutions go beyond even traditional content protect and require expertise more typically associated with app protection.

However, to an OTT operator, successfully integrating these offerings into the varied deployments that they have today may seem a scary proposition. Many think it’s not realistic to assume that a comprehensive integration can be completed for the diverse web, mobile and PC/MAC applications. To solve this problem one would seemingly need a magical box, where the operators can throw in their different apps and get them out fully integrated into the toolbox for stream protection and all other protections at the same time:

Verimatrix zero-code technology now provides this magical toolbox: it can do the integration automatically for all studio-approved DRMs as well as for all commonly used mobile and web applications. The Verimatrix toolbox is called Streamkeeper™ (or solution, if you prefer). And it’s unique zero-code technology is the reason why Streamkeeper also works to protect the streams of operators who do not want to subscribe to a single ecosystem only. It also dramatically reduces integration time.

Verimatrix Streamkeeper has the complete list of protection capabilities an operator will need.

One of the strengths of Streamkeeper is its ability to protect live content in real-time. It not only informs operators about attempted piracy, but allows operators to verify the attempted content theft and shut down the pirate immediately. This works across all studio-approved DRMs spanning commonly used web and mobile player applications.

Streamkeeper is designed from the ground up to be compliant with privacy legislation that often impacts the monitoring of client applications. Uniquely, Streamkeeper puts programable logic into each application that allows for monitoring data to tailored client-side to the required legal standard, while still allowing operators to adapt to new attacks and decide on a per-region basis automated countermeasures ranging from enabling of traitor tracing through quality reduction of the video to complete shutdown.

This way, Streamkeeper can avoid the legal problems often associated with monitoring, it can adapt to new attacks, handle selective blocking of the return channel, and enables the placement of operator-controlled automatic and scalable countermeasures into the client application.

Streamkeeper is a superior solution for stream security that adds the following components and features to the basic content protection toolbox:

  • Zero code injection allowing customers to protect streams without subscribing to one ecosystem
  • Fast integration (from weeks to minutes)
  • Addresses live content and allows immediate takedown, still fully controlled by the operator
  • Addresses new attacks
  • Robust against return channel blocking
  • Adapts to regional legal rules related to client monitoring

Additionally, Verimatrix Streamkeeper keeps all control on action and data monitored with the operator. For more information on Streamkeeper, visit our page.