Read Latest Issue now

AWS: How DRM can buy you peace of mind

Posted on Jul 1, 2020 by Alex Fice

Sponsored editorial

DRM is the most basic – and maybe the most important – building block for securing content. BuyDRM is helping provide peace of mind for a whole industry

Streaming piracy is always in the news, mostly because a lot of people at home have tried it, and a lot of content creators are haemorrhaging revenues because of it. To try to curb this revenue and intellectual property leakage, there are technologies being employed to protect content. Digital rights management (DRM) can be described as armour that wraps around content that needs to be protected, from early on in the creative and editing process, to further down the line as it is distributed.

Inside that armour are other forms of content protection, but these also need DRM surrounding them as the only form of fortification that travels with the content throughout its life cycle, everywhere, from beginning to end. DRM runs through the entire life cycle of a piece of content’s use, from digital dailies, pre-post, screeners, voters, direct-to-consumer, long-tail around studios and studio-mandated DRM.

Christopher Levy, CEO and founder of BuyDRM, notes that while most of the focus on content piracy is around the end user and stream hacking, the biggest weak point is when the content is in post-production and pre-release. He explains: “There is so much focus on end user piracy, but the data available out there shows most leaks happen in the studio post-house being hacked. More often than not, it’s not the end user you need to worry about.”

DRM is just one component of a full spectrum of security components used in concert to thwart the threat of piracy

Streaming piracy is about hackers diverting content from its intended destination to share it for ‘free’ to those who want access. The reason for the inverted commas on ‘free’ is because those using devices loaded with the likes of Kodi software to enable them to view this content – and according to the Digital Citizens Alliance there are 12 million active users of illicit devices in North America alone – are vulnerable. According to a Digital Citizens report, Fishing in the Piracy Stream: How the Dark Web of Entertainment is Exposing Consumers to Harm, hackers are targeting the rogue market that offers illegal access to pirated movies and live programming to spread malware and exploit unsuspecting users.

Yet despite the risks, around 190 billion visits were made to illegal piracy sites in 2018, with people most interested in TV programmes. The US led this dodgy league with 17.4bn illegal piracy site visits, according to MUSO, a digital piracy tracking business. This was followed by Russia with 14.5bn, Brazil with 10.3bn, India with 9.6bn and the UK with 5.75bn.

Live sports is a prime target for illegal streams and downloads, but leagues, federations and rights holders are now cracking down on pirates. In March 2019, three men in the UK were sentenced to a group total of 17 years in prison for selling illegal streams of Premier League games to more than 1000 pubs, clubs and private homes over a ten-year period.

However, these crackdowns do not always go to plan. In June 2019, top Spanish football league La Liga found itself facing a €250,000 fine by the Spanish Agency for Data Protection (AEPD) as it was accused of illegally using its fan app to track down people pirating its content. La Liga is said to have used its app to listen in on fan conversations in order to trace streaming of its content in locations such as bars. In its defence, La Liga has stated that it uses a fingerprinting technique to protect its content and is appealing the fine, yet this shows how little agencies and end users are aware of the risks of piracy, and how content is really protected.

“Right now, every direct-to-consumer app in the universe uses DRM,” says Levy. “Whether it’s sports, TV, movies or long-form episodic content, DRM is a driver of allowing long-tail and AVOD content to be delivered under the studio’s mandated use of DRM. DRM enables downloads and offline playback of these types of content as well.”

Like a knight on a white charger, DRM, while defending content, is also a deterrent against content thieves. It enables the likes of content creators like BBC iPlayer, DAZN and Netflix, as well as platforms such as Facebook and YouTube, to make content available and even downloadable, which means those who want to watch do not need to go to illegal sources for their fix of live football or the latest episode of the most addictive new series.

However, Levy warns: “The biggest challenge out there for DRM is the number of platforms being used by viewers. It’s a hugely fragmented landscape, so for a DRM strategy to be successful, you need a partner that can handle that device fragmentation with a multi-DRM solution.”

The anti-piracy toolbox

There are several different tools used as part of the security process in protecting content, no matter how that content is presented, whether that’s on a DVD being sent out to a film reviewer, as a file in the cloud being worked on by a special FX team in another country, as live or video on demand (VOD), over-the-top (OTT) content being viewed or downloaded by a viewer, or any other number of possibilities.

Watermarking, forensic or visual, “solves the issue of content out in the wild”, says Levy. “Watermarking can tell you who leaked the content. The more they use, the more you ratchet up the security level, as you can’t find it and you can’t necessarily see it. It’s the most powerful tool available to enable the reduction of piracy.”

Running on both the client and server side, Levy explains operators are able to put a studio watermark into content when they receive it, as well as a session watermark in the content at the time of playback using ‘on-the-fly’ packaging. Levy adds they also use visual watermarks and ‘burn-ins’, which is where operators print the user’s information, IP or their session ID into the video frames as the content is being played back.

Fingerprinting is mostly used to block content that is being tightly controlled by the licensor. An example of this is when a user loads a video containing fingerprinted music on to YouTube and the video is taken down, or if a user tries to upload a video of a legitimate studio movie that has been fingerprinted, Facebook will block it.

“Fingerprinting means you will be blocked if you’re not supposed to be using [that audio or visual content],” explains Levy. “Once the content is out in the wild, it denies you the opportunity to introduce it to a wider audience.”

Wrapping around those technologies is DRM. “You have a lock on your car door, your house, your safe, your computer, your ATM card, your office, your kid’s school. The concept of using DRM on media just extends this core position that locks work. They deter casual theft and they prevent access in general by unauthorised parties,” points out Levy.

“However, DRM is just one component of a full spectrum of security components used in concert to thwart the threat of piracy. All these other aspects limit access to the content stream or the download to the end user, but once they have done their job, the last thing that protects the stream or download is DRM,” points out Levy. “Without the DRM technology, all these other technologies fall down. With DRM, every time a user gets that content, they have to be authenticated and get a download token. Using DRM as the final piece of the solution, at the very minimum, operators can prevent the casual reuse, rebroadcast or pilfering of their digital media content.”

Global solutions for global partners

BuyDRM provides a life cycle DRM platform in use by every major studio in the US for pre-release, screeners, digital dailies, voters, B2B and B2C delivery of premium content. This life cycle includes a content origination packaging server, which includes formatting (segmentation, chunking, fragmenting, watermarking, encryption and delivery).

It also offers a DRM SaaS platform and a DRM server. Finally, it provides secure player SDKs for playing back the content. BuyDRM wraps these three columns together in the MultiScreener platform, where it deploys all of this tech in conjunction to provide the most secure platform for media possible today.

As a partner of AWS Elemental, BuyDRM has a mutual API integration between its KeyOS Multi-DRM platform and the AWS Elemental MediaConvert and MediaPackage products. It also partners for testing and validation, deployment, marketing, and sales activities and updates to the API integration. Today, BuyDRM has ABC AU, Blizzard and Zee5 all using AWS Elemental with BuyDRM’s KeyOS.

The data available out there shows that most leaks happen in the studio post-house being hacked


The BBC has been a flagship client of BuyDRM’s for nearly a decade. BuyDRM provides the BBC with two components of the KeyOS platform, the MultiKey DRM Service and the MultiPlay SDKs. When a user downloads the BBC iPlayer app for iOS for example, inside the iPlayer application is the MultiPlay SDK, which ensures that the DRM workflow and playback workflows are intact. This includes everything from licence acquisition, secure licence storage, jailbreak protection, side attack protection, a download manager, AirPlay support and offline playback.

Additionally, BBC iPlayer uses the BuyDRM KeyOS MultiKey Service, a DRM-as-a-service (DaaS) platform, to deliver DRM licence keys to all of its users on a wide variety of platforms, from Windows to Android and smart TVs using KeyOS MultiKey Service, BBC iPlayer delivers DASH content using Google’s Widevine DRM, which is supported across a variety of popular consumer platforms. The broadcaster also uses the KeyOS MultiPlay SDKs to deliver DRM licences on mobile devices for protected playback of premium content. This multi-DRM approach furthers the BBC iPlayer brand as a leading streaming service to address UK’s demand for premium content.

In April 2019, BuyDRM announced that BBC Studios has deployed its KeyOS MultiKey Service and MultiPlay SDKs for delivering secure video content. BBC Studios, a global content company, is a commercial subsidiary of the BBC Group. Formed in April 2018 by the merger of BBC Worldwide and BBC Studios, it spans content financing, development, production, sales, branded services and ancillaries. BBC Studios’ award-winning British programmes are internationally recognised across a broad range of genres and specialisms.

“BBC Studios continues to expand its reach in south-east Asia, South Africa and European markets and, as part of this expansion, we want to continue to ensure that our content security strategy is robust while offering our customers the flexibility for offline viewing that they’ve come to expect,” says Shad Hashmi, BBC Studios senior vice-president of digital development and services. “BuyDRM’s KeyOS platform allows us to deliver our content to online and offline mobile devices with a high level of security.”


Zee5 is one of the top three largest media companies in India, with nearly 700 million users. Much like the BBC, Zee5 has a very geographically diverse user base, including India, South America, Africa, south-east Asia, Russia and the Middle East. The company services users in 12 languages in over 190 countries.

To manage this global distribution play, the Zee5 relies on the BuyDRM KeyOS MultiKey Service and MultiPlay SDKs to enable its various operating groups to deliver content in a variety of languages, across locations and across many disparate networks.

BuyDRM provided a massive Widevine implementation in KeyOS for Zee5 that is delivering close to five billion licenses a year, making it the world’s largest DRM deployment. With Chrome usage at 50% among viewers, Widevine was required, and BuyDRM also hit the mark with Zee5 as it could provide strong encryption and rights enforcement in a consumer-friendly DRM system. And since bandwidth is a premium in India, Zee5 uses the embedded download manager function built into the MultiPlay SDKs. Zee5 then uses the MultiKey Service to license users so they can download content and play it back offline, getting around the issue of bottlenecks in the network.


Showtime is a globally recognised brand with a variety of well-known series it produces, including Billions, Dexter, Homeland and Californication. As a long-time BuyDRM client, Showtime relies on its KeyOS MultiKey Service to protect the Showtime over-the-top (OTT) service for playback on a variety of platforms with a multitude of consumer DRMs on-board.

Building on this success, Showtime chose BuyDRM to provide robust DRM for a live pay-per-view boxing match earlier in 2019 between Manny Pacquiao and Adrien Broner. This pay-per-view fight was broadcast live on for Roku, Xbox, Fire TV and Chromecast, and protected with BuyDRM’s KeyOS MultiKey Service.

“Major OTT operators like Showtime can ill afford to have any downtime in their DRM deployments or have fragmentation in their implementation of DRM. With BuyDRM’s KeyOS Platform, Showtime has been able to support studio-approved DRM that easily fits into their video workflows. When Showtime decided to broadcast the Pacquiao vs Broner fight, KeyOS provided all of the real-time DRM licensing that’s capable of supporting the volume of users and geographic dispersion,” explains Levy.

The match cost viewers nearly $70 each and Showtime experienced zero leakage from the distribution points that BuyDRM was managing, so realised significant revenue through this protected stream.

Blizzard Entertainment

Blizzard Entertainment is one of the world’s largest and most well-known brands in the esports business. As a distributor of in-house-developed gaming titles, Blizzard enjoys a large global following of users and brand taste makers.

Each year, Blizzard brings its entire network of gamers, partners, developers and industry insiders to Irvine, California, near its global HQ where it holds a five-day convention known as Blizzcon. This event is a fast-moving blur of product announcements, panels, networking events, partner events and, of course, live gaming.

Produced with more than 45 HD cameras broadcasting through two $10 million production trucks, Blizzard delivers a $65 live pay-per-view webcast through in HD and SD to all of the major consumer playback platforms.

To protect its investment and the rights of individuals paying to view its content, Blizzard uses BuyDRM’s KeyOS MultiKey Service to manage and deliver all of its Widevine and FairPlay licences to hundreds of millions of users around the world.

“Blizzard’s annual Blizzcon pay-per-view webcast is by far its largest brand and platform event on a global basis,” notes Levy. “Each and every year it saw increasing numbers of viewers around the globe and more and more of its content leaking to places not authorised. Using BuyDRM’s KeyOS MultiKey Service, Blizzard was able to easily drop in Widevine and FairPlay to support to its encoding, delivery and playback platforms, making the DRM implementation experience seamless and painless.”

This article first appeared in the June 2020 issue of FEED magazine.

Arc lights the way for digital

April 24th, 2019

The Washington Post’s Arc Publishing tools have become a guide for digital first media...

Live Streaming Shakespeare

February 12th, 2019

Ravensbourne University streamed performances of the Royal Shakespeare Company to schools all around the...

Vizrt: The state of IP broadcast | Watch...

September 27th, 2021

We sat down with Roger Crothers of BBC Wales, and Gerhard Lang and Daniel...

Moving mountains

October 8th, 2023

Eurovision Sport and Actua Films brought the Ski Mountaineering World Cup to fans worldwide,...