With Netflix’s popularity booming around the world, video piracy seems to be a major issue to combat. In 2020, Netflix spent nearly 12 billion U.S. dollars on its original content creation. Any illegal content distribution may lead to a decrease in paid subscribers and revenue loss. When people pirate movies and TV shows, they are less likely to subscribe to legal streaming services like Netflix. To fight video piracy, Netflix uses Digital Right Management (DRM) to protect the copyrights of its premium content. Netflix DRM is one of the most secured anti-piracy solutions for premium videos.
The need of Video Security for Netflix
Netflix is one of the most popular OTT/Video on Demand platforms. It serves thousands of premium movies and web series across the world. There is a lot at stake when topmost Hollywood and other global movie production houses are streaming and relying on the Netflix DRM Encryption. Its mechanism needs to provide highly secure streaming which should also provide a good viewer experience.
So primarily these are three reasons Netflix needs Video DRM for-
- Secure their video revenues by preventing/restricting online video piracy. Illegal downloads & Screen capture are the most common methods of piracy.
- Protect the Copyright of movie producers on the content. Any form of video piracy also violates copyright acts and is a brand loss for the content producer.
- Increase the number of subscribers by restricting piracy. Suppose a viewer was intending to buy a Netflix subscription to watch his favourite upcoming movies. But then viewer searches on Google and finds copies of the premium content on the internet, this may prevent them from buying a subscription. Thus, security from video piracy is also needed for any OTT platform like Netflix to continuously increase revenues.
What is Video DRM?
The word DRM stands for Digital Rights Management. As the full form suggests, it is about managing and securing the rights of the content. Coming to the video, Video DRM generally means certain key video streaming security protocols maintained by likes of Google and Apple to prevent illegal video downloads in browsers and mobile apps. Two widely adopted DRMs are Google Widevine and Apple Fairplay DRM. We will explore more about DRM and how it helps Netflix in the below sections.
What happens when content is non-encrypted?
As in the case of youtube free videos, where the content is not at all encrypted; this allows browser plugins/extensions/hacks to easily grab youtube content and illegally download the raw file. There are many other platforms that similarly do not encrypt the content and there are hundreds of free plugins, extensions or websites to download such videos.
It is to be noted that same is not the case with the youtube pay per view movie platform. It does use video DRM encryption.
That is why the need for Video DRM came.
Happenings when content is encrypted?
The most common form of open-source encryption technologies are HLS encryption, AES encryption and RTMP encryption. While these technologies are one level more secure than Youtube, but the key exchange mechanism in these streaming technologies is not 100% hidden/blackboxed and thus ultimately hackers or software are able to grab the encryption key. Once a hacking tool gets the encryption key, it can combine the revealed key with the encrypted content to get the raw file back. Thus, these technologies are not totally secure.
What happens when content is DRM encrypted?
Adding DRM encryption to videos means, adding an encryption layer based on protocols of Google Widevine DRM and Apple Fairplay DRM. These DRM protocols are not open source. Since Google and Apple have browser/OS/hardware level control over the video playback in most devices, they are able to provide a blackboxed mechanism to secure the key exchange. In technical terms, this blackboxed mechanism is called a Content Decryption Module or CDM.
- In Google Chrome and the Android app, Google Widevine DRM can secure the encryption keys.
- In Mac/IOS Safari and iOs app, Apple Fairplay DRM can secure the encryption key.
- Firefox and Edge on Desktop and Android, Google has partnered with the browser owners to implement Google Widevine DRM.
A detailed compatibility chart of these DRMs is included here.
Note – Implementing Google Widevine DRM and Apple Fairplay DRM requires licensing partnership with Google and Apple and maintaining a secure playback infrastructure in compliance with these DRMs.
Other Security Features of Video DRM
- Prevention of illegal downloads and option for offline secure download in apps – In all the cases where video DRM based playback is happening, illegal video download is prevented. In the case of mobile apps, secure download and offline playback restricted inside the app is possible. DRM also allows giving a single time validity to these offline playbacks, setting them to expire after a certain period of time. (e.g 1 day/1 month/1 year)
- Screen capture block in mobile apps and certain browsers – In certain cases like iOS apps, ios/mac Safari, and Android apps in many devices (Widevine L1 devices, not all devices), DRM can also totally block screen capture. In the case of android apps, in devices where DRM is not able to block screen capture (L3 devices), there are other methods to block screen capture. Those other methods are already implemented by Netflix DRM encryption mechanism and also by VdoCipher.
- Serving different video quality based on HDMI security levels – While most video platforms across the world like to serve the highest quality (whether it is 1080p or 4k) to all devices and browsers. But for certain premium movies, mostly coming from Hollywood, there are restrictions on where all full HD can play or not based on the HDMI security level in that device/browser. E.g I know for a fact that most famous Indian movie platforms do not implement these quality-based restrictions.
Other Security features apart from DRM used by Netflix
- Viewer based(dynamic) watermarking – Netflix DRM encryption mechanism and many other premium video platforms use viewer based watermarking. There are 2 kinds of viewer based watermark – visible or invisible. Many viewers might have seen the example of dynamic watermarking while watching some popular series/movie or especially live sports channel. There is a string with text and numbers that keeps floating over the screen. That watermark is a unique identifier to your device. Some platforms tend to keep this dynamic watermark visible so that it also discourages viewers from screen capturing and sharing their content. But some other platforms use invisible watermarks to not alter the viewer experience but detect the pirate user in case they come across any distributed pirated content. VdoCipher provides a visible form of dynamic watermarking.
- Preventing rooted devices from playback – While rooting and trying to decipher Apple Fairplay DRM is very very difficult, some hackers attempt to break Widevine DRM in Android apps by rooting devices. Implementation of Safetynet, which is a Google app protection mechanism disables playback in rooted devices.
- Restricting playback in multiple devices based on plan – If you look at Netflix plans in the below screenshot, you will see that the number of devices which can play videos from the same account is limited.
- Geo Restriction – Geo restriction is more of a form of restriction rather than security from piracy. Movie content comes with a set of distribution rights. For a certain movie, Netflix can have rights to stream only in the USA, while for other movies Netflix may have rights to stream it anywhere outside the USA. These rights depend on agreements with content producers. Geo restriction ensures that these agreements are adhered to.
How does Netflix DRM prevent Screen Recording?
This is done with the help of EME or Encrypted Media Extensions which is a W3C specification for establishing a communication channel. This channel help web browsers communicate with DRM’s black boxed mechanism via Content Decryption Module (CDM) software.
This happens in Safari browser , android app and ios app.
Basically, for screen capture, a web browser communicates with the Video Player having EME which invokes DRM. Whenever a screenshot command is passed, it gets overridden via DRM secure playback and hence you get black screenshots or recordings. This mechanism combines the power of EME using HTML5 players to invoke the underlying DRM encryption.
Netflix and VdoCipher both use the same implementation for Screen Recording and Screenshots protection.
Netflix’s role in improving the DRM ecosystem across the internet
Since most of the population viewing online entertainment or course content are not themselves the platform owner, most of them are not in support of video DRM. While students feel that they are left out of free unlimited access to premium movies due to DRM, while on other hand some engineers are of the view that it is not right to have a blackbox (Content decryption module/CDM) in open web standard.
Browsers like Firefox who did not by default have DRM a few years back also had to implement it, else it would have led to a considerable loss of viewership to them.
Potential issues with video DRM
There is a very small % of devices which have compatibility issues with Widevine DRM in android and are unable to play DRM secured videos. Such device % is estimated to be in the range of 0.1 to 0.3% based on our experience at VdoCipher. Such cases occur mostly in Android and not in Apple/Windows devices. Some of these issues are owing to the fact that sometimes manufacturers like Realme, Huawei, and Xiaomi try to implement their own OS along with Android and make changes in the OS system which causes such issues. Some of such issues are resolved in device updates. E.g. This support article/tutorial of Netflix on handling one such DRM issue.
How can I as a movie/course platform implement Video DRM with ease?
Earlier, DRM was mostly within the reach of large enterprises like Netflix, and Amazon because of the complexity of integration and the time it took for integration. This problem is addressed by VdoCipher – a video DRM + video hosting solutions provider which combines multi-device video playback & player with a robust Google and Apple Video DRM. The unique proposition of VdoCipher is that the integration effort required by the customer is minimal and even a single person owned website can integrate DRM based video playback with ease using VdoCipher. From a single person owned website to popular media/e-learning platforms with millions of users; VdoCipher is built to serve everybody who is in dire need of video security.
What all do you get?
- Packaged cloud video hosting solution with Video DRM encryption
- Dynamic Watermarking
- Domain Restriction
- Smart Video Player
- Dashboard to manage videos
- Iframe, Plugin, API, SDK Integrations
If you want to read more on the History of Netflix, do read the blog linked.
Here are some other interesting blog related to Netflix:
How does Netflix Encryption block screenshots?
Netflix uses a technology called digital rights management (DRM) to encrypt its content and prevent unauthorized users from accessing it. When you take a screenshot of Netflix content, the DRM software prevents the screenshot from being saved or shared.
How does Netflix DRM work to protect its content piracy?
Netflix DRM uses a combination of encryption, licensing, dynamic key exchange mechanism, and access control to protect its content.
Is there a visible Netflix watermark?
No, there is no visible watermark in any content on Netflix but it is possible to have dynamic invisible watermarking with user info.
Supercharge Your Business with Videos
At VdoCipher we maintain the strongest content protection for videos. We also work extremely hard to deliver the best viewer experience. We'd love to hear from you, and help boost your video streaming business.
I love exploring the nexus between tech, marketing, culture, space, and politics by lying awake at night pondering over the myriad facets of life. In my spare time, I enjoy watching nature documentaries, sci-fi and drama series.