Forensic watermarking: Why and how?
Forensic watermarking complements content protection technologies such as digital rights management (DRM) and conditional access systems (CAS) by providing a means to protect content further through identification. More specifically, it’s a technology that imperceptibly alters a video asset to generate unique copies to be delivered to individual recipients by embedding a digital watermark that is an invisible “mark” or code in a video to uniquely identify its originator and authorised user. This forensic information can relate to the device receiving or displaying the video asset, its model ID, timing, or any other information that can help identify the source of piracy.
We’ve noticed two main drivers of forensic watermarking in the industry: studios that release ever-increasing premium 4K/UHD and HDR video content, and broadcast operators which release expensive and exclusive content which is typically short-lived, such as live sport events.
Both of these market drivers have different expectations for forensic watermarking. On the one hand, the major studios use it to gather intelligence and understand their distribution workflow vulnerabilities. This type of piracy breach is usually solved by revoking the subscription and access to the content. On the other hand, major broadcast operators instead use forensic watermarking as evidence to immediately cut the source of an illegal pirate live redistribution. In both cases, though, they require watermarking technologies to efficiently scale with the number of consumers.
Types of watermarking
Currently, there are two popular watermarking schemes: client-side and server-side watermarking. Server-side watermarking is the scheme that we’ve incorporated in our Video Toolkit solution, which is a cloud-based content processing service, optimised for preparing content for OTT delivery with a simple API. Server-side watermarking is a safer scheme with better protection as it doesn’t expose unprotected content to a wide audience (client-side requires the watermark to be embedded within end-users’ video consumption devices thus compromising the security). With server-side watermarking, the marked content can be played back across the widest range of OTT devices without device-specific integration complexity and it allows for the most efficient watermarks in terms of robustness/invisibility ratio to be used. What we mean by the robustness/invisibility ratio is the balance maintained between the watermark being secure against a range of threats (such as screencasting or recompression) while remaining unnoticed by viewers. If a watermark is focused too much on avoiding threats, it could interfere with viewing experiences by being visible. In turn, if it’s too invisible it could weaken the overall solution. This level is not achievable with client-side watermarking because usually the client-side solutions don’t even have the access to the decrypted and decoded content itself. Server-side watermarking can create a content-specific perpetual model which will be the hardest for the malicious users to exploit.
We have been working closely together with ContentArmor, a leading forensic watermarking vendor, for a session-based forensic watermarking solution that works directly on the encrypted content without breaking the secure data path. Their technology enables tracking down piracy and being a powerful barrier which is impenetrable to a variety of modifications to the content, right from screen captures to simple coding.
Now that we’ve covered forensic watermarking as a whole, let’s talk about the A/B Switcher. It’s one of the most common approaches to watermarking to identify where a potential content rendition originated from, down to a service’s individual user accounts or streaming sessions. Video Toolkit produces two different watermarked versions of each segment and then once it’s uploaded to the origin server or CDN, the A/B Switcher redirects the requests and generates session-specific manifests on the origin server with segment lists consisting of different chunk combinations. This enables the segments of the video to be arranged in a specific order and each viewer receives a uniquely constructed stream.
For example, based on the ID number your system uses to reference users. Our A/B Switcher is easy to implement and can be automatically deployed as part of our solution. Furthermore, it’s ideal for cloud-based delivery as the whole video doesn’t need to be encoded with the watermark for every user, the two different versions of the stream allow to sufficiently insert enough watermarks for the entire user base. This not only saves storage but the cost of the procedure.
What about operators?
Our A/B Switcher is aimed at watermarking and protecting content which is viewed directly by the customer, however, there’s also operator watermarking. It’s another watermarking scheme which is aimed at operators. For example, if a company has multiple entities and it’s looking to watermark content which it distributes to the other operators, this solution will help them to track and detect if there’s a breach within its organization. This specific solution requires a lower volume of storage as it doesn’t use the A/B Switcher but just encodes content and embeds the watermark.
Bitstream watermarking is another way of server-side watermarking which can be done in two ways: by pre-encoding the video or post-encoding it. The post-encoding advantage is that the video only needs to be encoded once to have the watermark, when for pre-encoding it has to be twice. This doubles the encoding costs and time. Bitstream watermarking is also a Hollywood-approved watermarking scheme which is secure and robust. Some of the advantages of bitstream watermarking are that it has a local server option so watermarking can be applied securely on-prem and on-the-fly, being a good option for in-flight entertainment. Furthermore, it does not require duplicate streams. Bitstream watermarking is implemented in Video Toolkit as well and can be used with our A/B Switcher.