It may have come as a shock to TV addicts everywhere when Netflix announced it will be closing the loopholes in some markets that allow people to share account credentials between different households.

The streaming giant is now acknowledging that the sharing of accounts is impacting its ability to invest in new content for its paying customers. Indeed, analysts at Cowen & Co. were widely quoted as estimating that if Netflix rolls out the programme globally, it could add an incremental $1.6 billion in revenue annually.

piracy 2

Protecting content and data in an evolving piracy landscape

Content Everywhere specialist Synamedia has already tapped into this need to detect illegal credential sharing, as explained by Nitsan Baider, director of product management at Synamedia, in an April 2022 blog.

Baider notes that credentials sharing is becoming even more prevalent and socially acceptable, even though it is a form of piracy that affects the bottom line of content providers. Synamedia has developed the Credentials Sharing and Fraud Insight solution (CSFEye), a cloud-based user behaviour analysis service that accurately identifies shared accounts.

Yet illegal content sharing is only one of several factors affecting content providers. As content is served to more devices, the opportunities for piracy increase.

As explained by Simon Brydon, senior director of security business development at Synamedia, the increasing shift to over-the-top (OTT) delivery and emergence of piracy-as-a-service (PaaS) – pirates using off-the-shelf white label technology – “means it is incredibly easy for pirates to steal, aggregate, sell and deliver content illegally, rubbing salt into the wounds of broadcasters who face spiralling costs buying content and making it available on a range of devices”.

“Protecting content and tackling streaming piracy requires a painstaking, forensic intelligence-led approach, supported by a legal and regulatory framework with the muscle power to deter, detect and disrupt pirates,” Simon Brydon

Content owners need to implement protection measures if they are to get the full value from their services. “Protecting content and tackling streaming piracy requires a painstaking, forensic intelligence-led approach, supported by a legal and regulatory framework with the muscle power to deter, detect and disrupt pirates,” said Brydon.

No silver bullet

Regular cinema goers will remember well the anti-copyright infringement campaign, “Piracy. It’s a crime.”

“You wouldn’t steal a car. You wouldn’t steal a handbag. You wouldn’t steal a television. You wouldn’t steal a movie. Downloading pirated films is stealing”, the advert went. Akamai, which produces regular reports on Internet security, noted that many people do not perceive downloading a film or re-streaming an event as theft because the original still remains intact.

Simon-Brydon-Synamedia12

Simon Brydon, Synamedia

However, in 2019 the U.S. Chamber of Commerce’s Global Innovation Policy Centre estimated that piracy was responsible for at least $29 billion in lost revenue in the U.S. creative and technology industries each year.

Pirates in the Outfield is Akamai’s latest State of the Internet/Security report and examines the evolving piracy landscape. The report is a collaboration between Akamai and MUSO, which provided data on streaming and download piracy activity across several industries.

Steve Ragan, security researcher at Akamai and author of the report, described piracy as an ongoing battle, and stressed that there is “no silver bullet to address each type of piracy online”.

Ragan said: “As content developers get better at guarding against piracy, criminals are adapting their methods to access protected content. The impact of piracy goes far beyond stolen movies and other content. The real cost is behind the scenes, leading to the loss of livelihood for those who work to create the movies, films, books, and software we all consume and enjoy.”

According to the report, between January and September 2021, global piracy demand — which Akamai said was measured by visits to websites offering access to movies and television shows, either directly through a browser or mobile application, as well as torrent downloads — reached 3.7 billion unlicensed streams and downloads.

The top pirated industries were television (67 billion total visits), publishing (30 billion total visits), film (14.5 billion total visits), music (10.8 billion total visits) and software, which includes video games and modern PC software (8.9 billion total visits).

”The real cost is behind the scenes, leading to the loss of livelihood for those who work to create the movies, films, books, and software we all consume and enjoy,” Steve Ragan

In terms of geography, Akamai found that the United States (13.5 billion), followed by Russia (7.2 billion), India (6.5 billion), China (5.9 billion), and Brazil (4.5 billion) were the top five locations for piracy website visits in 2021.

As Akamai explained, piracy poses a security issue both internally at organisations “and as another potential attack vector to protect against breaches of critical intellectual property (IP)”.

Tooling up

Fortunately, Content Everywhere specialists are not short of ideas and solutions when it comes to protecting content and data, as companies such as Synamedia illustrate.

Brydon said proactive technologies included advanced monitoring, detection and disruption services such as edge, forensic and head-end watermarking. “Automated take-down solutions also have a vital role protecting premium content,” he added.

Bart Lozia

Bart Lozia, Better Software Group

He also pointed out that advanced machine learning and AI technologies can help content owners get to grips with the different kinds of credentials sharing, “from family and casual sharing to industrial scale fraud and rampant credential abuses – and use a mixture of deterrents and incentives to tempt viewers back to legitimate service”.

NEP meanwhile has developed centralised production solutions that place a strong focus on security while meeting rapid changes in consumer expectations and usage habits.

Jorge Llano, global security information officer for NEP, explained that NEP’s secure centralised production “uses scalable IP technology to connect technical producers, directors, replay and on-air talent in different locations across the globe adapting, accelerating and distributing content to consumers on the go.”

Olga Kornienko, founder and COO of digital rights management (DRM) specialist EZDRM, suggests there is no better protection for content revenue than a robust DRM service integrated with a service entitlement system.

“This is now an easy integration with most video workflows, using established API standards and mature DRM microservice solutions,” said Kornienko. “As more high-value live events shift to a streaming format, the potential for service leakage due to gaps in stream security is very significant. Our specialisation is making it easy — and cost effective — to deliver secure streams to every client device type, so we are not limiting your audience, but expanding your revenue opportunities.”

On the topic of DRM, Bart Lozia, CEO of Better Software Group, also points out that the usage of Widevine — proprietary DRM technology from Google — may actually prove to be the source of vulnerabilities through the installment of plugins.

“This is a serious breach and affects Android, Android TV or Chromium based browsers,” Lozia said.

He added: “Fortunately, we already have some methods to combat these threats such as limiting the quality to SD if Google informs the operator about the L3 hack, which may be a good solution, but with the technological advancements on the both sides we should be looking for alternative fixes for the future.”

Lozia cites other protection techniques such as whitelisting to better protect premium content and watermarking to help with tracking leaks, content theft and protecting the distribution chain.

Of course, not every content provider will have the deep pockets or tools available to Netflix when it comes to protecting content. Here, Lozia suggests an alternative approach.

“If you can’t beat them, join them. If blocking account sharing without additional investments is not possible, try to make additional revenue out of it. Use profiles, track the IPs and give them a better user experience by adding a dedicated viewing list per profile, for example,” Lozia said.

Brydon said only by “continually monitoring and mapping the evolving pirate ecosystem — using AI technologies alongside a blend of human intelligence, including undercover investigators and cybersecurity experts — can you begin to answer questions such as: how do pirates steal the content; how do they repackage and sell it; how is content transported over the networks; where are the streaming servers hosted; where are the authentication servers hosted; how should I differentiate my content and disrupt it in real time.”

He concluded: “The importance of intelligence cannot be emphasised enough. Embracing, developing and applying anti-piracy technologies and methodologies is essential, but to mitigate - and even prevent – piracy, content owners need to get inside the criminal mindset.”