The document outlines the complexities of Digital Rights Management (DRM) and offers insights into selecting and implementing suitable content protection strategies. It discusses current DRM workflows, highlights recent developments such as multi-DRM and CMAF as solutions, and provides an overview of various DRM technologies including Widevine, PlayReady, and FairPlay. The presentation aims to assist content owners in navigating DRM challenges to secure their digital assets effectively.

1. DRM Back-to-Basics
Selecting and Implementing the Right
Premium Content Protection

2. Who are we? Juan Martinez
Sr Product Manager, Irdeto
Amsterdam, Netherlands
Paul MacDougall
Solutions Architect, Bitmovin
New York, New York
Kieran Farr
VP Marketing
San Francisco, California

4. © 2018 Irdeto. All Rights Reserved. – www.irdeto.com
We protect our clients’ business and brand by
securing their digital assets, platforms and
applications.

5. © 2018 Irdeto. All Rights Reserved. – www.irdeto.com
Irdeto Rights customers
Deployments in 6 continents
Over 500 Million licenses delivered monthly
Hundreds of thousands of content protected

6. DRM Pain Point
● DRM is required to protect monetization models from copyright
infringement by both casual and sophisticated actors
● DRM can be complex due to challenges implementing
integrations and reaching a highly fragmented market
● Today, we propose multi-DRM as a short term solution, and
CMAF as a long term solution.

7. Webinar Agenda
● Introductions
● Who are you?
● What is the state of DRM today?
○ Overview of today’s workflows & challenges
○ Recent changes, offline DRM, etc
○ Example
● Changes coming to common workflows with CMAF
○ What does this mean for me?
○ Avoiding pitfalls in implementing CMAF workflows
○ Example
● What are the next steps?
● Questions?

8. Registration survey results

9. DRM Workflows Today

10. How Does DRM
Work?
The video content is
encrypted with a content key
System generates license
files to accompany the
content
System allows playback for
an authenticated user and
device

11. Implementing a
DRM Workflow
End user application
Authenticates with
Provider. Entitlement
server defines the
content the user is
entitled to watch
Your
Entitlement
Server
License
Server
End User

12. Implementing a
DRM Workflow
End user requests to play
content.
Your
Entitlement
Server
License
Server
End User

13. Implementing a
DRM Workflow
End user application
requests a license for a
particular content
Your
Entitlement
Server
License
Server
End User

14. Implementing a
DRM Workflow
Key is given to End User,
playback is permitted
Your
Entitlement
Server
License
Server
End User

15. DRM Technologies
by Provider
Widevine Modular
PlayReady
Fairplay

16. Widevine Modular
DRM Overview
Widevine Modular (successor to Classic)
● Google’s DRM - Extensive support for Google
ecosystem
● Supports DASH with CENC
● Supports Hardware Security (TEE)
● Can limit content quality server-side
● Rights expression/policy enforcement
● Uses AES CTR

17. PlayReady DRM
Overview
Microsoft PlayReady
● Microsoft DRM - broad platform support,
including many smart TVs
● Most robust rights management
● Pre-cache licenses (fine grain sunrise and
sunset of keys)
● Uses AES CTR

18. FairPlay DRM
Overview
Apple Fairplay
● No rights expression or policy enforcement
● Needs Key Security Module on Key Server
● Needs code to relay key requests
● Uses AES CBC

19. © 2018 Irdeto. All Rights Reserved. – www.irdeto.com
DRM fragmentation
Google
Widevine
Microsoft PlayReady
Apple FairPlay
SmartTV’s
Set Top
Boxes
For use in China
19

20. 2017 Video Developer Survey | DRM Systems

21. Putting it All Together

22. © 2018 Irdeto. All Rights Reserved. – www.irdeto.com
22
Irdeto Control – Simpler integration
Operator
Irdeto ControlContent ID,
Encryption
Keys
Policies
CDN
LicensesKey Management
Multi-DRM License Servers
Content Usage Control
Authentication
+ Entitlements
Pre-integrated with
leading encoders /
packagers Available as hosted or
licensed solution
Player / Device

23. Multi-DRM
Maximum device reach
● Traditional (before DASH) Multi-DRM setups
need to encrypt and package the content for
each DRM separately
● DASH CENC/EME - allows key association
from different DRM’s with the same video
● Except for Apple (FairPlay with HLS on
devices & in Safari)

24. Recent Changes

25. Recent Changes
● CMAF allows a common set of encoded
video files to be used by multiple platforms
● Google and Microsoft have announced
support for CBC encryption in the Widevine
and Playready CDMs
● Offline DRM

26. DRM Workflows with CMAF

27. Current
AVC/h.264
HLS DASH
FairPlay
PlayReady,
Widevine, etc.
Apple Users Everyone else
AES-128 CBC AES-128 CTR
Separate video files on
storage/CDN

28. CMAF
AES-128 CBC
AVC/h.264
HLS DASH
FairPlay
PlayReady,
Widevine, etc.
Apple Users Everyone else
Only manifests (.m3u8 &
.mpd), small text files, are
replicated on storage and
CDN

29. Wrapping it up
● DRM is required (in many cases)
● DRM can be complex
● Multi-DRM is the current reality
● CMAF as a long term solution to simplify workflow

30. How do I get started?
● Start quickly using Bitmovin Encoding + Player + Irdeto
● Contact us for a free trial:
https://goo.gl/91HG5F (will also be shared via email)
○ fully-featured API integration
○ easy to build flexible and customizable workflows
○ maximum device and browser coverage

31. Q&A