Client-Side Watermarking Allows OTT Content Creators to Protect Their Work from Piracy

The use of watermarking solutions to protect video content from piracy has become widespread in the last few years. It is possible to implement these strategies on both the client and server sides, or in a hybrid fashion.

In the client-side watermarking approach, the content server sends a unique content copy to all users via broadcasting channels without the need to generate unique watermarking copies for each user. With a broadcast system, network nodes and servers are freed from bottlenecks caused by computational load and bandwidth requirements. Client-side solutions can be embedded in media players or media players themselves, or they can be securely integrated with the media players themselves. Watermark extraction can be completed in one minute, whereas server-side applications can take up to 15 minutes, making them ideal for protecting live sports streaming.

As a result, there is a need for solutions that prevent malicious users from accessing the original content or inserting the watermark, since client devices cannot be trusted. In order to address this issue, a new technique known as secure video watermarking embedding has been developed. As a result of this method, each client receives a unique watermarked version of the original asset, even though the server transmits a decrypted version of the original asset to all clients.

Client-side watermarking also makes the watermarking logic visible, making it possible to circumvent the watermarking process. Reverse engineering the exposed JavaScript code or modifying the DOM are both viable options (document object model). Changing, introducing, or removing visual elements in the application is a way to modify the DOM.

To protect DRM protected content, additional tamper-proofing methods must be employed. JavaScript reverse engineering necessitates the use of JavaScript obfuscation and anti-debugging/anti-tampering techniques to safeguard the agent’s code. They prevent code analysis by breaking the web layer in the event of an attack. In contrast, DOM tampering can be detected and blocked in real time by continuously monitoring the DOM for any signs of tampering with the watermark. The DOM (HTML elements and CSS properties) can also be monitored using web page monitoring solutions, regardless of the delivery method.

Since a different secret key is required for each watermarked copy, the secret key could include identification information for source authentication, a set of codes or parameters from the original un-watermarked content. To both embed and detect the watermark, the secret key must be known. Watermark detection techniques are generally not available to potential attackers, but if they are, a security threat may arise.

If you’re using a secret key scheme, you’re inserting and removing watermarks with the same key. A secure method of transmitting the key must be used in this case. A public key can be used to verify an asset’s integrity and ownership in the case of public keys. A private key is used by the image’s owner to add a watermark. Anyone can extract a binary watermark from a watermarked file using the public key during the watermark extraction process.