E-learning organizations and other providers of e-learning content have recently had to confront the potential risks associated with content piracy, which poses a major new threat to their long-term revenue security. In addition, their business is also vulnerable to illegal sharing from their own customers. Fortunately, there is a single solution to both of these issues: digital rights management (DRM). DRM is not a new technology, having been in use for some 20 years in other commercial contexts such as subscription VOD and live streaming services.
The need for DRM technology
The first step in securing content is deploying strong encryption, preferably by using the incredibly robust AES-128 algorithm. Encryption provides stronger content protection than hosting videos on sites such as YouTube or Vimeo, where they can be easily downloaded with online tools and shared with or sold to others (which may infringe on copyrights, whether intentional or not). Therefore, strong encryption is a necessity, but it is not sufficient on its own because encryption can be bypassed if the keys used to unlock the encrypted content are not securely managed. The same goes for authentication tokens as one paying user can obtain and share the necessary keys used to decrypt the content.
These issues mean that solely deploying AES-128 encryption is not enough to secure the e-learning video content. Content producers in other fields, such as movie streaming services and live sports broadcasters, already employ a wide-ranging content protection model known as digital rights management. This is the same level of protection that premium e-learning video content needs, too.
This higher level of security is due to the fact that DRM systems separate decryption keys from the content and manage the entire decryption flow in trusted security components that are not accessible by the user. DRM systems bind the transmission of keys and the decryption of content to user compliance with certain business rules, which prove user authorization to access the content. This allows organizations to build a subscription or ad-hoc access model where the content is limited to specific subscribers, chosen devices, or governed by certain time limitations.
The challenges of multi-DRM
While DRM is an extremely effective revenue security model for content producers and distributors, the fragmentation of the global video-enabled consumer devices market presents a significant challenge, as different devices support different DRMs which is mostly a function of the operating system of a device. In 2019, there were more than 63,000 device profiles worldwide, and with an annual growth rate of 20%, it’s exceedingly difficult for content creators to deploy a single type of DRM.
The majority of devices support one of the three major DRM systems: Apple FairPlay Streaming, Microsoft PlayReady, and Google Widevine. However, there are also a significant number of devices, particularly in the Asian and European markets, that don’t support any of these DRMs. In these instances, content distributors can take advantage of Marlin, an open-standard DRM, for content security.
Along with the divided nature of global DRM and device proliferation, another issue for e-learning content distributors is the variation between the many generations of the Android OS and how device authentication functions on them. In this situation, e-learning content distributors must authenticate devices through core security in the OS or the device’s chipset before students can access their content.
To avoid a situation where e-learning content distributors need to keep a vast and complicated content security deployment for each asset, device, and DRM, the natural solution is to implement a multi-DRM system that can keep content secure across everything. By adopting industry standards of usage such as the Common Encryption Standard (CENC), which allows PlayReady and Widevine encryption schema to be executed on a wider variety of devices and internet browsers, the industry has reduced many of the complications tied to multi-DRM support.
Now, creating and maintaining a multi-DRM architecture in-house involves significant resources and time, which typically makes it an unaffordable option. It’s far more efficient to engage with a third-party multi-DRM service for content and revenue security.
Further content security challenges
The scope of content protection isn’t limited to effective encryption and authentication methods. Unfortunately, there are other ways that pirates can steal and profit from e-learning video assets, including reverse engineering streaming applications and using side-channel attacks. These can be defended against by employing logic-based white-box cryptography, which secures applications at the most essential source code level.
Content protection is also enhanced with forensic watermarking, which sees invisible digital codes embedded in content. These digital codes make it possible to identify pirates and illegal content sharers. This method is deemed essential for live sports broadcasters.
Premium protection with the lowest TCO
Naturally, e-learning content distributors are looking for a DRM system that can secure their assets and help them overcome the challenges of support across all devices while not adding prohibitive costs to their business model. This is achieved by the cloud-deployed ExpressPlay DRM, one of the world’s most widely-used multi-DRM services. The ExpressPlay DRM platform provides all the security functions content distributors need from a multi-DRM service, including content encryption, key protection, secure playback functionality, device credentials, and audit reports on licensing term adherence.
As a turnkey solution, the ExpressPlay multi-DRM service gives e-learning content distributors the power to deploy a rights management and monetization system in a few simple steps. This avoids high setup costs and eliminates the need to create new tech infrastructure, thereby delivering the lowest total cost of ownership (TCO).
Alongside excellent content security and low TCO, ExpressPlay DRM also provides significant benefits over competing services. It supports open-standard Marlin DRM besides FairPlay, Widevine, and PlayReady. The Marlin DRM integration is especially valuable for e-learning content distributors since it is already the native DRM on millions of devices in Asia and around the world. In all such instances, there is no need to use the ExpressPlay SDK to integrate the service with device players.
The solution to e-Learning content security
The huge growth of the e-learning industry, accelerated significantly by the Covid-19 pandemic, means that e-learning video content is now a multi-billion dollar industry. However, with piracy already costing other video content providers more than $50 billion a year, e-learning content distributors need to secure their business models with a wide-ranging, flexible, and affordable security system.
The ExpressPlay multi-DRM service provides exactly that, with industry-leading content protection mechanisms, including advanced key protection and optional forensic watermarking. It’s cloud-based and scalable, meaning content distributors never pay for more than they need while scaling up or down to reflect actual usage. ExpressPlay DRM also delivers the lowest TCO of any multi-DRM service.
To find out more about how ExpressPlay DRM helps e-learning content distributors secure and monetize their assets while providing the broadest device accessibility and lowest TCO, please download the whitepaper.
About Bo Ferm
Bo Ferm is engaged in product marketing activities for Intertrust ExpressPlay. He is a versatile technology professional with 30+ years of successful B2B positions in Europe, North America and South East Asia. He has worked extensively with broadcasting and streaming technologies, with the past 15 years dedicated to media security in various forms.