Your browser is not supported. Please update it.

3 December 2020

Intertrust fires shots at Nagra’s hardware needs, preps cloud transitions

Wouldn’t it be nice if you didn’t need to add additional silicon to the printed circuit board (PCB) of your shiny new TV? Wouldn’t it then be great if a security vendor could use the existing security hardware on that PCB to provide an operator-tier security environment for your new pay TV offering? Wouldn’t it also be swell if an operator could ditch the cost of set tops and access new sales channels via TV apps? Well, that’s the current pitch of Intertrust’s new ExpressPlay Media Security Suite.

After walking Faultline through the portfolio, Ali Hodjat, Product Marketing Director for Intertrust’s Media Solutions division, explained that the culmination of the line-up was in enabling the switch from set tops to TVs, while maintaining the security capabilities that the set tops enable and that operators (or rather the content owners) are so fond of.

This was where Hodjat pointed out that Nagra still requires bespoke silicon, in its TVKey offering, in the form of a hardware root of trust, which it currently offers via Samsung. So, an operator in the Nagra ecosystem would be able to access the usual set top-based tools in the TV, which would then keep the content owners happy. In the Intertrust ecosystem, the promise is that the vendor can do the same without the custom silicon, and it already has Vestel and Hisense signed up, with a number of others getting ready for announcements.

Nagra reached out, to counter, arguing that TVKey offers the highest level of security in the industry, and that it is an open specification that is open to other vendors to use. With Samsung, Nagra has arguably the flagship customer, but it is important to remember that many TV manufacturers are playing at an order of magnitude lower bill of materials. Here, the software-only approach is going to be more tempting, as generic hardware designs are going to be cheaper to implement. Nagra stressed that it too has software-only options, suitable for the ‘Direct to TV’ (D2TV) channel.

We asked Intertrustabout the consensus on this shift from hardware to software. Hodjat said that lots of operators don’t want to give up the set top, even if they know that it is an additional cost burden. They want to control the subscriber using the device, and get access to all the usage data that the set top enables – showing how their customers actually use their services. They fear not having the same control and data access if they ditch the CPE.

On the other hand, they are also aware that they are losing subscribers to the easier user experience of SVoD, and Hodjat believes it will take some time until the operators collectively realize that shifting the set top functionality into the TV is the future. The question becomes ‘what is this customer control worth to me?’ and once you start factoring in the entire Total Cost of Ownership (TCO), over the life of the customer relationship, that balance starts tipping.

The other dynamic, Hodjat said, was that moving the set top functionality into the TV itself opens up new sales channels. Now, just as Netflix can pick up new subscribers via a pre-loaded or post-installed app on the smart TV, a pay TV operator can do the same.

Of course, moving wholeheartedly to this sales channel would erode or negate the value of the TV network infrastructure, as the service would be relying solely on the home broadband connection for that OTT delivery. That is something that is going to upset a lot of vendors in the cable and satellite industry, and there will be considerable backroom lobbying to prevent or at least slow that transition.

But there are already signs that this shift is getting underway. Hodjat pointed to HD+’s launch with Sony and Vestel TVs, which began deployments a few months ago, after being announced at IBC 2019. HD+ was able to launch a ‘Direct to TV’ (D2TV) service, thanks to the Intertrust expertise that was being deployed inside the Vestel and Sony units – which used Vewd’s HbbTV and the Android TV stacks, respectively.

In that deployment, HD+ is still relying on satellite dishes for the delivery, but the security components have been shifted into the general design of the TV circuitry – rather than custom silicon enclaves, or security access cards that need to be inserted in order to unscramble the channels. With more TV vendors waiting in the wings, Intertrust is hoping to significantly expand the reach of its new ExpressPlay Media Security Suite.

Separately, Intertrust is quite pleased with the shift from the old on-prem security architecture to its new cloud-based systems. Based on AWS infrastructure, Intertrust is providing integrations with customer systems, while hosting the suite inside its own cloud – providing it as a service, accessed via API.

This was tested at considerable scale, during the Cricket World Cup, where key issuance and rotation was handled for over 25 million concurrent users for India’s Hotstar, and in SonyLIV’s launch – serving over 130 million users. Hodjat says this proves that the technology functions at scale, and while a little outside Faultline’s usual focus area, the 160 million monthly active users for Line’s new VVID digital trading card game suggests the platform’s flexibility.

Turning to low-latency live streaming, Hodjat described Intertrust’s integrations with AWS, and the proposed industry standard that is the Secure Packager and Encoder Key Exchange (SPEKE) API, and Fastly’s Edge Cloud platform, which is serving Vimeo and A&E in the US.

At this point, we asked if vendors like Intertrust were concerned that these cloud computing vendors were going to start trying to poach clients and business from the security crowd? Hodjat said AWS wants to add broadcast capabilities, not just streaming, and that he believes AWS mostly wants to stay in that lane – and not attempt to become an end-to-end OVP.

We caught sight of CMAF in the presentation, and asked what was going on there. Hodjat was keen to explain that the emerging standard file format could significantly cut CDN costs, as you would only need to handle one type of file – with Apple’s HLS shifting from MPEG .ts containers to the fragmented .mp4 containers already used by MPEG-DASH and Microsoft infrastructure.

But the bigger efficiency boost comes from CMAF’s harmonization of the different DRM choices, as there is only one encryption algorithm to worry about – instead of the handful currently required. You would then be able to use the same security key across different versions, only having to encrypt the video files once. This promises big efficiency gains, but we will keep our eyes peeled to see how that pans out in the end.

Another tidbit caught our eye, in a Forensic Watermarking deal with UK firm FriendMTS, for live content protection. FriendMTS provides web monitoring (crawling) and Advanced Subscriber ID (ASID) services, adding device-level watermarks for real-time identification – and then hopefully swift takedowns. Hodjat pointed out that such capabilities are becoming commonplace stakes for sports, something that has been accelerated by Covid-19.