PallyCon Anti-Capture Guide


PallyCon Anti-Capture is a product that can monitor recording programs when playing Widevine DRM video in Windows Chrome browser.

This document explains how to download and install the Anti-Capture product, explains the process and how to apply it to the player.

Product Components

PallyCon Anti-Capture product consists of a Chrome browser extension, a JavaScript API and a Windows service application.

  • SecureVideoWatch.js: JavaScript API to send and receive messages from Chrome extensions

  • Secure Video Watch extension: Chrome browser extension (installed from Chrome Web Store)

  • Secure Video Watch Service: Windows service based application

On the web page, the SecureVideoWatch.js API sends a message to the extension and the Windows service application installed on the PC. The service application returns the results to the extension in the requested message, and the extension returns the results back to the web page.

For example, if you send a message such as whether anti-capture is installed, monitoring start / stop, etc., the anti-capture program will receive the message through the extension and return the result.

Client Environments

Client environment required to apply PallyCon Anti Capture is as follows.

  • Windows 7, Windows 8.1, Windows 10

  • Chrome browser version 79 and later (latest version as of December 2019)

Program Installation

The relevant program must be installed on the client system as follows:

Anti-Capture Monitoring Process

When you play an HTML5 video with Anti Capture in the above client environment, the following process is repeated continuously to monitor the screen recording.

  1. The player playing the content calls the SecureVideoWatch.js API to send a message to the extension.

  2. The message is received by the Native Message Host and delivered to the Secure Video Watch service installed on your PC.

  3. The Secure Video Watch service receives the message and returns the monitored result.

  4. The native message host that receives the result passes it to the extension and raises an event if there is an issue.

Sample Files

PallyCon Anti-Capture product provides the following test samples. You can use the samples to understand the anti-capture feature and refer to it when developing the actual service.

  • Library for sending and receiving messages with Chrome extensions   - SecureVideoWatch.js

  • Library for playing DRM DASH contents   - video.js, dash.all.min.js, videojs-dash.js

  • Other libraries applied to the page   - bootstrap.min.css, jquery.js, style.css, video-js.css

Preparing Test Environment

Node.js can be used to test PallyCon Anti-Capture locally.

  1. Download and install Node.js.

  2. Open a terminal, go to the deployed sample folder and execute the npm install command.   - Modules to run the sample are downloaded and installed.

  3. When the download is complete, execute the node app command. (See picture below)   - If no module is found, install it by running npm install module name.   - After installation is complete, run the node app command.

  4. In your browser, call the URL http://localhost:3000/index.htm.

Applying to Your Website

To apply PallyCon Anti-Capture to a website other than PallyCon’s demo page or a local environment, the domain must first be registered in the PallyCon anti-capture chrome extension.

If you want to use PallyCon Anti-Capture product, please provide your domain to register through a separate contact.

You must use an https URL for your player webpage instead of http. (Requires SSL / TSL application)

SecureVideoWatch.js Module

The SecureVideoWatch.js API delivers messages to Secure Video Watch service installed on your PC through Chrome extensions. When the result is returned, the extension will again accept SecureVideoWatch.js and process it.

The step-by-step API shown below must be applied to the webpage from staging content to end playback.

1. Load Page CheckInstall When the page loads, check to see if AntiCapture is installed.
2. Prepare to play ActivateAntiCapture Activate the anti-capture program installed before starting video playback.
3. Start playing StartMonitoring Monitoring starts when the video is played. SecureVideoWatch.js internally calls CheckCaptureStatus every 5 seconds to check whether the screen has been recorded. An event occurs when screen recording is detected.
4. After playback ends StopMonitoring Monitoring stops when video playback is completed / stopped.
5. Deactivate DeactivateAntiCapture If there is no longer content playback, deactivate the monitoring with the DeactivateAntiCapture API.

API Descriptions

API Name
CheckInstall Check the extension to see if Anti-Capture is installed on your PC. If NOK, you need to disable video playback and install anti-capture program.
ActivateAntiCapture Enables monitoring of anti-capture services installed on your PC through the extension.
DeactivateAntiCapture Deactivates the monitoring of anti-capture services installed on your PC through the extension.
CheckCaptureStatus Anticapture program checks the monitored information and returns the result.
SetMonitoringInterval Change the monitoring interval of the Anti-Capture service. A cycle of 5 seconds or less is not recommended for heavy use of system resources.
StartMonitoring CheckCaptureStatus API is called every 5 seconds to continuously check monitoring information. If you call StartMonitoring without calling ActivateAntiCapture, an error occurs.
StopMonitoring Stops calling the CheckCaptureStatus API. Calling DeactivateAntiCapture before calling StopMonitoring results in an error.


This is an example of applying SecureVideoWatch.js to the Video.js player.

<script type="text/javascript" src="SecureVideoWatch.js"></script>
<script src="video.js"></script>
<script src="dash.all.min.js"></script>
<script src="videojs-dash.js"></script>

<script type="text/javascript">
    // PallyConLib.js event listener
    window.addEventListener("message", function (event) {
        if (event.source != window)

        if ( && ( == "PallyCon")) {
          	console.log('[SecureVideoWatch] Extension Message : ' +;
            if ( {
                if (typeof player != 'undefined') {
                window.alert('[SecureVideoWatch] Extension Error : ' +;
    }, false);

    // 1. When the page loads, check if the Anti capture program is installed.
	window.onload = function () {
	window.onunload = function () {

    var player;
    function playPlayer() {

        // 2. Enable Anti capture while the player is preparing or before playing.

        player = videojs('videoPlayer');
        player.ready(function () {
            player.src('DASH URL Source');

        player.on('play', function () {
            // 3. When playback starts, begin continuous monitoring.

        player.on('pause', function () {
            // 4. When playback stops, end continuous monitoring.
        player.on('error', function () {
              // 5. If there is a problem with the player during playback, stop continuous monitoring and disable anticapture.
         }); (value) {
            console.log("[SecureVideoWatch] Successfully created player instance");

Countermeasures against Issues

Various Recording Programs

PC Screen Recorders

There are many recording programs, and new ones are coming out. In addition, client games or related programs may support recording.

For example, if you install Windows native XBox client, Steam program, NVIDIA / AMD driver, etc., the recording program will be installed together. In this case, the recording program or the related service should be terminated.

Chrome Extensions

There are many Chrome extensions support recording. If these extensions are installed in Chrome, the anticapture program will raise an event.

Even if the user doesn’t record, if the screen capture extension is installed, the anti-capture program will trigger the event, so you can delete or disable the extension.

Please report to us if you find a new recording program or if there is a recording program that is not registered in Anti-Capture program during the test.

Security Issue


Web applications have many security vulnerabilities due to code exposure and debugging. Therefore, once development is complete, basic protection is required by obfuscating code, and it is recommended to obfuscate files that call PallyConLib.js API.