To prevent unauthorized use and leakage of content, many online content services are applying a multi-DRM solution provided by professional DRM vendors. A multi-DRM solution basically has license management features for multiple DRMs such as PlayReady, Widevine and FairPlay to support major web browsers and mobile OS.

In this series, we will examine each of the DRMs and related elements of multi-DRM technology in the following order.

• Part 1: Microsoft PlayReady DRM
• Part 2: What is Google Widevine & How it works
• Part 3: What is Apple FairPlay DRM & How it Works
• Part 4: All about DRM packaging & CPIX/SPEKE API
• Part 5: Multi-DRM client integration (this article)

Playback process of DRM content

After the DRM packaging process described in the part 4, encrypted DRM content is delivered via CDN to the end user’s device. To decrypt and play the content delivered to the client device by streaming or download method, the client needs to obtain a DRM license from the server as shown below.

The DRM license consists of the key used for encryption when packaging the content and the usage rights information for that content (playback period, offline playability, security level, etc.). To ensure that the key value used to decrypt content is not compromised and the usage rights are not tampered, the DRM license data is also encrypted and protected with a client device’s unique key.

DRM license integration method

Before the DRM license server can process license requests from client devices, you must first ensure that the user has permission to use the content. To this end, most DRM solutions / services support integration methods with the system of content services as below.

Integration with license token

A method of issuing DRM licenses through tokens generated by the back-end system of the content service according to predefined rules.

Token-based license issuance is performed as follows.

The advantage of the token method over the callback method described below is that communication between the content service system and the DRM server is not required, which reduces the delay in starting content playback.

Instead, the initial integration requires more resources because the content service operators must implement the functions to generate tokens and pass them securely to clients.

In the case of a large number of requests in a short time or a global service, we recommend using token-based license integration to maximize license issuance performance and minimize latency.

Integration through callback URL

In callback type license integration, the DRM license server verifies the user’s rights to use the content through HTTPS URL communication with the content service’s system when a license request is received from a client.

Callback license integration is as follows.

The callback method has a longer playback start delay due to communication between systems than the token method, and thus has a disadvantage in the simultaneous processing when a large number of license requests are concentrated in a short time.

However, it can be tested relatively easily compared to the token method during the initial integration process. And it has the advantage of reducing the burden of safe management of token data by content service operator.

Multi-DRM Content Playback by Client Type

Most OTT content operators provide services to a variety of client devices to support as many users as possible. Multi-DRM solution / service providers support multiple platforms and devices in the following ways to meet these requirements.

HTML5 web player integration

Web browsers that support HTML5’s Encrypted Media Extension (EME) standard can play multi-DRM content through the Content Decryption Module (CDM) provided by each OS and browser. (Ref.)

Open source HTML5 players, such as Shaka Player and VideoJS, and most commercial players, such as Bitmovin and THEOplayer, provide the APIs needed to integrate multi-DRM licenses.

You can configure DRM-supported HTML5 players with a DRM license URL and license request data (CustomData) as well as the URL of DRM content (DASH .mpd or HLS .m3u8 address) to play.

The custom data used to request DRM license uses its own specifications for each DRM solution / service provider. For detailed guides and samples of PallyCon Multi DRM’s HTML5 web player integration, check out the PallyCon online documentation.

Mobile web browser integration or app development

There are two ways to support DRM content playback in mobile environment such as Android and iOS.

• Using a mobile web browser: Plays in a mobile browser that supports multi DRM through the HTML5 player integration described above.
• Using native mobile apps: Content service provider can implement the integration directly by following the custom data specification, or apply mobile client SDKs provided by a multi DRM vendor.

Playback on various OTT devices

In addition to PC web browsers and mobile devices, various OTT devices such as smart TVs, set-top boxes, and game consoles also support multi-DRM.

To service multi-DRM content on these OTT devices, you can use the device-embedded browser through the EME-based web player integration. Or you can develop native apps by applying multi-DRM SDKs for each OTT device.

Click here to find the multi DRM support information for each client platform.

Conclusion

This was the final article about the basics of multi-DRM technology. Multi-DRM is a complex technology that requires multiple technologies, standards, and various solutions to work with.

To apply this complex multi-DRM technology quickly and easily, it is recommended to use a multi-DRM company that integrates multiple DRM technologies to provide a unified API and works with various media related solutions such as encoders and players.

PallyCon Multi DRM is a cloud-based, one-stop multi-DRM service provided by INKA Entworks, a content and application security technology company. We provide a variety of integration guides and APIs / SDKs to help our customers quickly and easily adapt multi DRM.

References

• #1 https://pallycon.com/docs/en/multidrm/license/license-token/
• #2 https://pallycon.com/docs/en/multidrm/license/
• #3 https://web.dev/eme-basics
• #4 https://pallycon.com/sdk/