Securing DRM Solutions for Media Streaming
The goal of DRM (digital rights management) solutions is to ensure paid-for content is played back securely on every supported platform. The process leverages encryption and a series of steps to ensure that content is only being viewed by an authorized user via an approved platform. Content providers, distribution networks, and streaming apps use DRM solutions to protect premium content on different platforms.
Users today login to streaming apps and select a piece of content to start streaming. Clicking “Play” creates a request with the content ID and device ID, which is then sent to the Content Delivery Network (CDN). The CDN stores the content segmented into smaller pieces for various resolutions (HD, 4K) and network speeds (3G, LTE, WiFI, 5G). Once the encrypted content is received from the CDN, the DRM component within the browser or apps (video player) connects with the DRM license server and verifies the user is authorized to view the content on that specific device. A license key that contains the content decryption keys is then sent back and the content playback begins as soon as the browser or app starts decrypting the requested content.
But standard encryption algorithms are vulnerable to attacks, especially when the app, device, or network is controlled by a malicious actor, so DRM solution providers need a security solution to ensure their decryption keys cannot be stolen. With Zimperium’s zKeyBox solution, DRM solution providers can secure the delivery of license and content decryption keys with white-box cryptography. Additionally, zKeyBox can secure the content decryption process on the end users’ device without any reliance on the device’s secure hardware.