Integration of the digital rights management (DRM) technology, which safeguards digital content by encrypting data for DRM video protection and preventing its use in ways that are not authorised, is a multi-step process that must be completed before it can be implemented into media websites and mobile applications. Before the video files are sent to the user’s device, they must first go through a process called transcoding, in which the existing video content is converted into a format that is compatible with streaming. Typically, this is done in MPEG-DASH or HLS. Both MPEG-DASH and the common encryption standard (CENC) are supported by digital rights management (DRM) solutions like Microsoft’s PlayReady and Google’s Widevine. This indicates that the encrypted package is capable of having either of the DRM techniques used to decrypt it. On the other side, Apple’s FairPlay employs the SAMPLE-AES encryption standard in conjunction with the HLS packaging standard. A video content that is intended for use on all three systems will thus need to go through the processes of encryption and packaging twice. This method is typically accomplished through the utilisation of a multi-DRM service, which enables the simultaneous encoding of videos into MPEG-DASH with CENC encryption as well as HLS with SAMPLE-AES encryption in a single operation.
Website proprietors who want to stream content using DRM video protection are required to generate an encryption key, an asset ID, and a key ID for each asset that is to be supplied to the client encrypted with DRM technology. If they do not do this, they will not be able to stream the content. Content is encrypted using an AES key with 128 bits of length for both FairPlay and CENC, and an additional Initialization Vector (IV) must be supplied for FairPlay. CENC does not require an additional IV. After that, the keys are ingested into the licence server, where they are made available to the client-side content decryption module (CDM), which is responsible for decrypting the content. The owners of websites should always preserve a backup for the keys that are used within their content platform. This will allow the keys to be quickly accessed in the event that there is a switch to a new licence server in the future. The majority of streaming platforms keep the licencing server as well as the subscription server running in order to integrate DRM. The player’s identity is verified and a licence is given out by the licencing server, while the viewer’s access to the content is validated by the subscription server.
The content that has been packaged using a multi-DRM server is then stored on a content delivery network (CDN) such as Amazon Web Services (AWS). From there, it is delivered to the end user through a complex workflow that involves the server of the multi-DRM vendor, the server of the DRM technology provider, the CDN, and the client device or browser. The CDM, which is present in all devices that are compatible with EME (Encrypted Media Extensions), is the component that is responsible for handling the decryption that is involved in the communication that takes place between the licencing server and the browser. In order to prevent the keys from falling into the wrong hands, the conversations are encrypted via a method called a challenge-response exchange.
Playback of the video on HTML5 players begins after the Content Delivery Manager (CDM) verifies the licencing key and decrypts the video asset blocks.