Securing OTT Content — Watermarking
Written by: Boris Asadanin, Streaming Media Consultant and Partner at Eyevinn Technology
While DRM has been the primary technology for securing content, the focus is slowly shifting to include also watermarking techniques.
This article is one of three describing the technical principles of securing OTT content.
This publication is part of a series of articles describing the principles of the technology behind video streaming. It could be read without any prior knowledge on the subject.
New Content Sharing Methods
Looking at the complete picture of securing content (see my other publications on Securing OTT content), we have been obfuscating, encrypting, tokenized, or by analogue methods introduced interference signals to control who has the right to watch content. But all these methods share one as common as important flaw; when the content is played on a screen the security is completely gone.
This has been used to copy and illegally distribute and share content. Literally anyone has been capable to relatively safely copy and share content with varied quality of experience. More sophisticated methods include screen and audio capturing software, while common people could always use mobile cameras to record the cinema screen.
More recently the developed live streaming distribution technology has enabled hackers to distribute live streams and not only VOD content. Without watermarking we can expect to more frequently read news like the following:
Imagine the following: You are sitting at work when your home alarm goes off in your mobile phone. You pick up the phone to watch your home security cameras and notice burglars calmly walking around in your home looking for and stealing anything of value. You call the police, but they just say that they cannot do anything about it.
Just like this the content owners, who have paid huge amounts for content rights, can in real time follow an illegally shared live stream. But without watermarking there is no way for them to track down the source stream and shut it down.
Watermarking may be the technology that may bring at least illegal live content sharing to an end.
What is Watermarking?
Watermarking in OTT content distribution is an emerging technology which quickly gains more market interest as this article is written. What is it, why is it used, and how does it work?
OTT content watermarking is a security tool that documents ownership to track the original consumer of the content. This is made possible by the unicast nature of OTT streaming — each viewing session is a unique stream that can be uniquely marked. But note that marking a stream is quite easy. Setting a unique mark to each stream enabling us to identify a user is much harder.The real challenge for watermarking techniques is therefore to make them scalable without increasing latency for live streams.
There are generally two different watermarking techniques: Visual and Forensic. Forensic watermarking is further divided into Manifest based (or A/B watermarking), and Bitstream based watermarking.
Watermarking is a passive security tool and does not, intimidation aside, actively prevent hackers to share content illegally. During live events like football championships content owners are monitoring the internet for illegally shared live streams. Having watermarked their content, they can trace the source stream, identify the subscriber sharing the live event, and shut down the source streaming session. This is the primary driver for the content owners; to stop the ongoing burglary. Bringing pirates to justice has a more generous time plan since it is not directly revenue affecting.
The Visual watermarking type is what we can all relate to since it is visible and resembles branding TV channels. We can usually see the branding in the top corner of a TV channel. The watermark can be added anywhere in the OTT distribution chain, but for our purpose and to make it scalable — identifying a subscriber to a streaming session, the visual watermark is usually applied in the client. Should a broadcasted video clip be illegally shared, the visual watermark would easily identify the perpetrator.
Note that visual watermarks impact quality of service and must be positioned accordingly.
The OTT distribution technology chain for visual watermarking is no different from ordinary distribution chains. The only difference is a client specific software that adds the client unique watermark. The service provider owning the player clients have a database mapping each client identity with a unique watermark. The number 12 in the right image of Fig 2. may correspond to one specific user.
Visual watermarking of video content is not a new invention. More traditional fields of application have been intrusive watermarking for subtitling companies etc. Their work does not include enjoying video content, much less sharing it illegally, but to add subtitles to it. Watermarking has also been added to physical video copies distributed to movie theatres. If a watermarked movie would end up being shared illegally, the copyright owners could trace it back to a movie theatre and proceed with legal actions.
The upside of visual watermarking is simplicity, scalability, and cost. Instead of investing in the more sophisticated forensic watermarking in the headend, the clients apply an easily detectable visual watermark containing a unique client identifier.
The downside of visual watermarking is maintenance, security and visibility. The simplest way to remove the corner located watermark may be to just crop the video and thereby cut away the watermark. Otherwise as the watermark is added by the client the main drawback is maintenance. Keeping all clients updated with the latest versions may be a hassle. Clients are also easier to hack to remove the watermark. A hacker would then also visually verify that the watermark has been removed and that the video is safe to share.
As the hacker ratio in a given collection of subscribers is quite low, visual watermarking is therefore better as intimidation than real security. Most people cannot break it.
Forensic watermarking is far more sophisticated than the visual. The basis of forensic watermarking is to identify pixels in the video image that can be ever so slightly modified that they remain undetectable for the naked eye. As forensic watermarking is not visible the modified pixels can be anywhere in the image without lowering the quality of experience, hence preventing any image cropping. By applying a unique combination of pixels modified with “modification intensity/profile”, each video stream can become unique for each subscriber. Any shared video may be traced back to identify the original consumer.
Forensic watermarks are detected by using certain tools to view the video images.
Manifest Based Forensic Watermarking (A/B Watermarking)
The natural place to modify pixels is in the transcoder. To identify the modifiable pixels there is some pre-processing required. The complete chain is described in fig 5.
The content is first pre-processed to identify appropriate pixels to modify and how to modify them without losing quality of experience. This watermarking pre-processing data is then fed into the transcoder where the pixels are modified accordingly. In the final stage the packager packages two copies of the watermarked content to be streamed to a client.
Why do we have two copies of each video content for watermarking? The observant reader would also ask how this method scales to achieve one unique watermark per subscriber, but still applying the watermark in the transcoder. We only package content on the fly to each subscriber, encoding on the fly is too resource demanding.
The solution to scale forensic watermarking and still apply the watermark back in the transcoder is to use two content copies to create a unique manifest for each subscriber session. As a client requests a piece of video content, the content is already watermarked from the transcoder. The packager creates a unique manifest with a unique combination of video segments from each of the two video copies.
Looking at the fig 6, each subscriber will receive a unique combination of segments from the two copies of the content. The unique manifest together with the watermark (all subscribers receive the same watermark), may be used to identify the original consumer of an illegally shared piece of content. This is also why this technology is also known as A/B Watermarking.
To summarize, the advantages of manifest based forensic watermarking are obvious: the technique is secure and harder to break.
The downsides are primarily scalability and complexity. Two copies must be stored and each subscriber must receive a unique manifest file.
One specific vulnerability for manifest based forensic watermarking is that a hacker could potentially combine the manifest and segments from two separate streams, and thereby share an own and false unique content copy. This is generally known as a collusion attack.
Bitstream Based Forensic Watermarking
More recent techniques of forensic watermarking allow for using only one content copy and instead applying unique watermarking profiles to each video stream. Recent solutions apply the watermark either in the packager or in the client. The watermarking technology is the same but instead of creating a unique manifest, the packager (or client) holds technology for applying session unique watermarks. The similar work chain is depicted in fig 7 below.
As depicted in fig 7 the packager receives the pre-processed information and knows how to apply watermarks without actually having to transcode the video content. This solution requires watermarking vendors and packager vendors working together to achieve a modified pre-processor output as well as a certain level of edge computing in a more sophisticated edge packager.
Bitstream based forensic watermarking is even harder to break and is not susceptible to collusion attacks.
The technology for watermarking OTT content is not new but it is still to be adopted by the industry. So far DRM has been the main requirement by the content owners. But with the illegal live content sharing the industry is facing a new problem; content owners can follow in real time their loss when live content is being watched on illegal sharing portals. Even if the content owners may not want to take all steps to bring the hackers to justice, they would at least want the ability to take action and immediately close the live stream to the hacker sharing the live content.