Web Security

Keeping OTT Content Secure: SSL, CDNs, and Encryption

April 16th, 2020 | By Jscrambler | 3 min read

As the industry tackles piracy concerns, we explore the roles played by SSL, CDNs, and encryption.

For decades, cable was the king of premium content delivery.

This all changed with the introduction of broadband internet in the late 1990s and technological breakthroughs like DCT compression. For the first time, it became possible to transmit video content over the top.

With the quick proliferation of high-speed Internet access, a major market opportunity was born: OTT services.

Today, we have 4.5 billion Internet users, most of whom now have all the hardware and software required to instantly stream high-quality media over the top. Browsers became one of the preferred forms of media playback for consumers, and even today, around 40% of OTT subscribers still use a computer to stream content.

This global change is tied-in with the growth we saw in recent years behind some SVOD services such as Netflix, YouTube, Amazon Video, and, more recently, Disney+. And even though almost half of U.S. households still have a traditional TV subscription, OTT services are growing fast.

In 2017, OTT services cumulatively generated revenue of around $97.5B and some estimations estimate this will grow to $332.5B by 2025.

As we surpass 600 million OTT users globally, the industry encounters new hurdles.

One such hurdle and a key threat to revenue and business sustainability in OTT is piracy. By leaking premium content to piracy platforms, attackers directly compromise the revenue of OTT services.

The exposure of premium content also means a breach of compliance with content rights owners. These owners trust OTT stream providers to ensure that their copyrighted content is kept secure. Exposed content might lead to legal charges against the OTT provider. These and other types of attacks cost pay-TV and OTT providers $9.1 billion in 2019, and it is expected that this cost will reach $12.5 billion by 2024.

To reduce their exposure to piracy, OTT providers employ a series of security layers. In this article, we'll explore the role of HTTPS and CDNs.

Delivering Web Content To The User

OTT providers rely on Content Delivery Networks (CDNs) to reduce latency (and increase the user experience) when delivering content to their users.

Unlike the web server, CDNs are spread out around the globe, which means they will be closer to the end-user.

This will help in delivering content faster, as the content will usually be cached or pre-fetched from the main server, preventing the user from having to connect directly to it. It will also help on live broadcasts, as the content producer will not have to broadcast its content to every individual user but instead will broadcast to several CDNs, which will, in turn, help deliver the content to the clients.

Traditionally, HTTPS has been a common approach to increasing the integrity and security of web content.

In a nutshell, HTTPS confirms to the user that he or she is connecting to the expected server while ensuring that the communication between them is encrypted, preventing Man-in-the-Middle (MITM) Attacks.

When applied to the problem of delivering copyrighted content to clients, HTTPS is not the right tool for the job.

Since CDNs typically don’t belong to the content providers, their own SSL/TLS certificates used for establishing HTTPS connections can't be used. As such, the content is delivered in plain HTTP to end-users or in HTTPS, but using the CDN’s certificates.

And even if it were feasible for OTT providers to use the HTTPS protocol to deliver their content efficiently, the content would only be protected during the transmission.

After the content reaches the client-side of the browser, HTTPS grants no protection to prevent attackers from leaking transmitted content without it being known to the OTT provider.

So far, we have explained the current landscape for OTT content delivery and the main security issues it faces.

Security Approaches to Secure OTT Content

Thankfully, there are several approaches to help minimize these security issues. These approaches can be based on authentication tokens, DRM systems, watermarking techniques, JavaScript/HTML5 protection, and webpage monitoring.

In this series of blog posts, we will explore the advantages and pitfalls of each approach to securing OTT content.

Read the next part, where we will explore authentication tokens and DRM systems.

For an in-depth analysis of security in OTT media delivery, read our free white paper about protecting intellectual property in OTT media delivery.

Jscrambler

The leader in client-side Web security. With Jscrambler, JavaScript applications become self-defensive and capable of detecting and blocking client-side attacks like Magecart.

View All Articles

Must read next

Cybersecurity

Keeping OTT Content Secure: Resilient Forensic Watermarking

In the last part of our series on piracy in OTT content, we dive into forensic watermarking and explore why these solutions need resilient JavaScript protection.

May 12, 2020 | By Jscrambler | 3 min read

Web Security

Keeping OTT Content Secure: Why Is DRM Not Enough?

In this third chapter of our series on piracy in OTT, we explore one of the biggest pitfalls of DRM and why watermarking is a much needed anti-piracy layer.

May 8, 2020 | By Jscrambler | 3 min read

Section Divider