The Changing Face of DRM: Where Do We Stand in 2015?
Next, check the list of supported target platforms and the means to support each platform. For example, on computers, Adobe Primetime relies on Flash Player, which enjoys much greater penetration than the Silverlight Player that PlayReady requires. Flash Player also ships as a component of the Google Chrome Browser, while Silverlight and Widevine are NPAPI plugins that Chrome will stop supporting sometime in 2015. At that point, PlayReady and Widevine users will need to shift to another strategy for Chrome support.
Device support in the CE market varies widely by technology and is a key strength of DivX Plus, which certifies playback of its content, and the compatibility of its DRM, on a very significant percentage of CE devices. This translates to faster, more problem-free integrations for the content distributor wishing to access these platforms.
You also need to ensure the accessibility of the technology in your existing production workflows and the ease of acquiring the technology from a contractual perspective. PlayReady excels in both regards, with extensive packaging support with most enterprise-level encoding tools as well as cloud-encoding services. You can also license PlayReady directly with Microsoft, deploy PlayReady through Microsoft’s Azure cloud platform, or tap into a diverse range of third-party suppliers, which can drive the startup cost down below four figures with monthly costs of less than $100 for low license volumes.
In contrast, particularly for its Classic, non-EME-based technology, Widevine has very little support among encoding vendors, which limits your encoding options. In terms of contractual accessibility, while Adobe Primetime DRM is available through a few third parties, Adobe looks to be taking that business direct, and some modules, such as the Android and iOS SDKs, are only available with the general Primetime package. So while Primetime DRM pricing is competitive for broad-based implementations, it’s not convenient for smaller deployments, or those just dipping their toes in the DRM waters. As we’ll see, availability through third-party vendors will be increasingly important during the early days of EME.
Finally, consider cost, which has significant variability depending upon technology and deployment model. For example, license PlayReady directly, and you’ll spend at least $30,000 to get started; license from a third-party vendor and you’ll be in the range quoted above. In addition to the initial cost, check the cost for mobile and other platform SDKs, which can range from zero to $100,000 or more. And check the per-license cost and monthly minimums. In this regard, Widevine is free, which is obviously a significant advantage.
Don’t expect the information gathering process to be simple, as most of these variables are a moving target, and documentation provided on websites is generally inadequate. The move from proprietary architectures to MSE/EME is only going to make things more complicated.
Meet the Encrypted Media Extensions
The earlier definition of DRM includes the concept of a DRM-capable player. Before EME, all DRM-capable players were DRM-specific: Flash Player for Adobe Primetime DRM, Silverlight for PlayReady, and downloadable plugins for the others. Essentially, under EME, the browser becomes the DRM-capable player.
All EME-compatible DRM systems will support the ISO base media file format (ISO BMFF) using H.264 video compression and AAC audio compression and the Common Encryption (CENC) encryption scheme. This means that the basic packages of encoded and encrypted files produced for any particular EME DRM technology should play on all EME DRM technologies with the proper license key. This is in sharp contrast to the existing system, in which each DRM requires its own unique package.
In addition, the ISO BMFF/CENC packaged files can contain calls to one or multiple DRMs, so producers can produce a single package that plays on all EME-capable systems using all EME-compatible DRMs. This is an absolutely critical feature since, at least today, all platforms support only a single DRM. This is shown in Figure 5.
To explain, if you want your movies to play on Chrome 35+ (and Android), you’ll need Widevine decryption capabilities, which means a relationship with Google or a Widevine third-party supplier. Ditto for Playready on Internet Explorer 11+ and Windows Phone 8.1+, Adobe for Firefox, and Apple for playback on iOS 6+ and Safari 8+. In essence, before EME, PlayReady, Widevine, or Access could provide playback on all listed platforms, but under EME, you’ll need to work with all three DRMs, plus Fairplay. This is complicated by the fact that Apple hasn’t indicated that it will license Fairplay DRM, though presumably it’s licensed to Netflix since Netflix is playing back in Safari via EME. To distribute on CE platforms you may need a fifth DRM, such as DivX.
How long this single-DRM-per-platform dynamic will stand is unknown. Obviously, all browser and platform vendors control which DRMs are integrated into their products. While all DRM vendors are lobbying for integrated support within each browser and platform, there have been no announcements to date. In addition, it’s unknown whether a complete new OS/browser reinstall will be necessary to install a new CDM, or whether CDMs can be downloaded and installed such as plugins. That’s up to the individual browser/OS developer.
Going beyond computers and mobile devices, there are some standardization efforts underway to simplify EME implementations on set-top boxes (STB) and CE devices that use open source browsers as part of their interface and design architecture. Specifically, a Microsoft specification called the Content Decryption Module Interface (CDMi) provides a standard application programming interface (API) for adding CDM modules to open-source browsers, and Fraunhofer has released the CDMi-based Open Source Content Decryption module. While these will accelerate EME deployment on these platforms, the DRM or DRMs deployed within each STB or CE devices is up to the manufacturers.
So as things stand today, to implement EME across the full range of browsers and devices, you’ll need to support more than one DRM. There are several third-party DRM providers, such as EZDRM, that currently supply more than one DRM, and providers such as BuyDRM, who previously supported only PlayReady, will likely move in this direction. However, as noted, several vendors, most notably Adobe, are moving away from third-party providers. At least on the contractual side of things, EME is complicating matters, not simplifying them.
Beyond the uncertainty surrounding the transition to EME is a more fundamental shift from software-based DRM to hardware-based DRM, which is inherently more secure. Intel launched hardware-based DRM with Intel Insider in the Sandy Bridge class of CPUs, which first shipped in 2011, and many set-top box and consumer electronics vendors are starting to implement DRM in their hardware, some using Microsoft PlayReady, some using Verimatrix VCAS. At some point, you would hope that all these technologies and platforms coalesce into a logical, easy to implement, cross-platform schema, but for now, it looks like deploying DRM will get more complicated before it gets easier.
Author’s note: The author wishes to thank Christopher Levy, CEO of BuyDRM, for technical assistance with this article.
This article appears in the January/February 2015 issue of Streaming Media magazine as "The Changing Face of DRM."
The CEO wants company videos shared in-house, but doesn't want trade secrets ending up on YouTube. Here's a primer on video security for the enterprise.
The 2015 OTT Superguide Is Now Available
A missing component isn't missing any longer, as Adobe promises additional browser support coming later this year.
The video industry has learned from the music industry's disastrous example, and created fair rights management systems.
DRM has no protective value. It's time to stop using it and seek out other ways to monetize online audio and video.
Companies and Suppliers Mentioned