Why is there now a need for operators to assess content protection? Is it down to changes in the market and consumer behaviour, or are there also other factors at play?
Consumer behavior patterns and the market in general are certainly changing dramatically, and faster than ever before. The rise in OTT, including global brands like Netflix and Amazon has been coupled with the undeniable consumer shift towards viewing on unmanaged, connected devices and the ever-shifting dynamics of the browser and device markets. All of these developments are excellent reasons for operators to take a step back and review whether their content protection strategy is fit for purpose now and for the future. At the same time, content protection technologies have also developed dramatically in recent years, and yet many operators are still sticking to their old systems and processes because they are either unprepared for changes or do not see the business need for change.
With the security demands of new technologies like UHD and virtual reality just around the corner for both broadcast and OTT, Irdeto believes there has never been a better time for operators to aim high and fundamentally rethink how they protect their content and business models. Content protection is now far more complex and dynamic due to rapidly evolving piracy and cyber security threats. The ecosystem is also increasingly fragmented. This makes it more difficult for operators to integrate security product point-solutions themselves into a holistic approach to address the changing needs. Daring to consider a new approach could save them money, revolutionise their operational efficiency and – most crucially – help them deliver the combination of content, convenience and value for money that selective consumers demand today and in the future. In short, the right security strategy can fuel their growth in this highly competitive market.
What are the benefits for operators of taking control of their own security while employing an ‘Independent Trust Authority’ to manage their assets?
This is a classic example of how an operator can break free from a common and long standing way of working – being locked-in to the technology ecosystem dictated by their CA vendor. They can’t have free reign when procuring STBs, chipsets, middleware, DRMs or a host of other hardware and software technologies because they can only select suppliers that are integrated with their CA system.
That’s bad financially because it prevents competitive tendering. It’s also bad for time to market because operators have little influence over feature development timescales when they can’t just pick an alternative supplier who is already market-ready. For example, being unable to support the DRMs of choice is a common problem that prevents the operators from giving consumers the best choice of services.
Many operators have considered – or even tried – breaking free of this lock-in by taking ownership of the security assets currently managed for them by the CA vendor. But with chipset keys, DRM keys and certificates, PKI keys and certificates and a whole bunch of other device keys to produce, provision, renew and revoke, it soon becomes an enormous logistical and integration headache that is far outside the operator’s core skill set. It sucks up time and money on employing expert staff, facilities and processes.
Employing a third party or Independent Trust Authority to manage security operators on their behalf, is really the ultimate act of “thinking outside the box”. It allows operators to enjoy the best of both worlds. Freed of vendor lock-in, they can drive down procurement costs and pick suppliers who’ll make them first-to-market with cool new services and features. At the same time, they outsource all the logistical complexity and risk to the Trust Authority which takes care of the complete security asset lifecycle from their own dedicated facilities. They are responsible for managing the relationships and processes with all technology vendors, giving the operator a single point of contact and leaving them free to get on with what they do best – entertaining consumers.
Will there also be significant benefits for consumers?
Of course the content protection technology, and the way it is managed, should always be totally transparent to the consumer. But lower procurement costs can be translated into more competitive pricing for the consumer. The convenience of getting new services quickly is also a significant benefit to the consumer. This might include being able to share content easily in the home, access to third-party OTT services like Netflix on their existing STB, or the addition of Ultra HD content to the operator’s own live TV or VOD offering. All of these are crucial to delivering the three cornerstones of consumer demand: content, convenience and value.
Are there any particular points an operator should look for in choosing a third party?
Experience is the key. To be worthy of the title “Independent Trust Authority”, an organisation needs to already have secure, dedicated facilities capable of handling the complete lifecycle of all kinds of security assets. And they need to be able to do it consistently, at immense scale to support the demands of the operator’s growing service.
Look for an organisation that’s truly technology agnostic. They’re hardly independent if they’re owned by a STB manufacturer or other technology vendor. Be sure they have existing relationships and operational processes in place with the widest possible range of SoC, STB, DRM and OEM suppliers. It can take upwards of six months just to set up NDAs with a new vendor, and then another 6-12 months to complete an integration, so you can’t afford to put your security strategy in the hands of a market newcomer. Credibility with Hollywood studios and sports-rights holders is also a key thing to watch for, because you can be sure these content owners will want to validate your new security arrangements before giving them the green light.
And consider how you will take advantage of your new-found-flexibility to roll-out exciting features to your STB population. If you don’t already have the facilities to provision software and key updates to STBs in the field, look for a third party that can manage this for you via cloud-based delivery.
What can Irdeto specifically offer in such a role?
In a word: experience. We’ve been protecting content for nearly 50 years, with strong relationships and proven operational processes with a huge variety of technology vendors. Our Keys & Credentials solution is already widely deployed with leading cable operators in the US and Canada. We have secured and keyed over 16 million next-generation STBs. We have keyed more than 25 different STB models from our highly resilient, dedicated keying centres. And we’ve provisioned more than 22 million updates to deployed STBs in the field. We’ve also secured our first tier-one European cable customer for Keys & Credentials, with next-generation STBs already being deployed.
Keys & Credentials is just one service in the Irdeto 360 Security portfolio. We offer a comprehensive set of security services and solutions designed to help operators meet changing consumer demands and cyber security threats. We believe the right security strategy can be a competitive advantage for operators to offer consumers more choice and boost business growth. We are ready to help operators achieve this vision.
How future proof is the third party solution? Can you see it evolving into something more complex as the market develops?
A solution like Irdeto Keys & Credentials is future proof for the following reasons: operators have full control of their keys to secure their freedom, Irdeto as the independent Trust Authority has the scale and expertise to support operators’ growth, and we have dedicated resources to closely and continually collaborate with leading technology vendors. As the market develops, the ecosystem will be more fragmented and technologies more complex. To have future proof content protection, operators must look for a security partner that is technology agnostic to avoid being locked in, and has a wide range of expertise and relationships in the ecosystem to quickly support changing needs. These relationships need to cover the whole ecosystem from ISPs, law enforcement, industry bodies and agencies to consumer and technology providers. Combining best-in-class point products in-house will simply not be secure and cost effective in the long run. The winning formula is combining state of the art technology with proactive services.
To download Irdeto’s latest White Paper The Right Security Expands Customer Choice: A Strategy Guide for Growth please click here