The changing nature of piracy threats means that some broadcasters should be considering cardless security systems even for one-way services with no return path.
This is the conclusion of a white paper just published by UK TV consultancy group Farncombe, sponsored by U.S. content security vendor Verimatrix. This was what Verimatrix wanted to hear as a vendor of software-based conditional access (CA), but Farncombe emphasized that cardless security was only appropriate for one way services when the incentives for pirates were not too great.
Even then, Farncombe advocated inclusion of a slot for a smart-card solution as a contingency just in case the service is victim of a perfect clone attack, which would otherwise require replacing all set tops or receiving devices at an average cost of at least $25 per user. In that event, a smart-card solution could be deployed more cheaply if slots were available in the devices.
According to Farncombe, circumstances in which cardless security is suitable for one way services include cases where there is a small customer base, or when there is a low volume of premium content that is not available elsewhere, when the target for pirates does not merit high investment in hacking. If these were the only use cases, the appeal of cardless security would be limited, but Farncombe goes on to argue that it is also appropriate for markets with high broadband penetration and speeds, for a slightly more subtle reason.
In that case, there is good scope for pirates to succeed by getting hold of content at sufficiently high resolution, regardless of what CA is used, because the CA does not need to be attacked. Then the only response to the piracy is through monitoring and, if necessary, shutting down the service, so the CA might as well be cardless because it makes little difference if it is less secure.
However, Farncombe argues that in many of these cases cardless security can equal the protection afforded by traditional card based systems, providing it is implemented correctly. It can then reduce total cost of ownership (TCO). But, operators need to adopt the right technological approach, which, according to Farncombe, should have the security functionality shared appropriately between the set top’s main processor and a dedicated SoC (System on Chip).
Under this combined architecture, the unique elements of the system, such as the root of trust, should be provided by the secure processor within the SoC, while generic elements that may require changing, like processing of common data such as content keys, should reside in the main processor. The coming-of-age of cardless security is a result of changes in the threat landscape. There are three main categories of threat.