Principal Architect of Conax talks about securing content “from lens to lens” in a digital age
With smartphone adoption, OTTs and hacker advancement is progressing like never before, with digital content continuously at risk. Many organizations have built an entire practice around the issue. One such leader in content security is Conax, a part of the Kudelski Group, who enables secure content revenues for over 400 operators, representing 140 million pay-TV consumers in 85 countries globally.

Monday, 27 June 2016 09:14 | Link to article

Amidst the chaos of CommunicAsia2016, Conax EVP Principal Architect, Tor Helge Kristiansen, spoke exclusively to Active Telecoms about the company’s important role to play in protecting operators from increasing threats from hackers, and why security is such an important issue for business customers today.

“It is a big issue today because this [content] is the revenue source for the operator – the way they can monetize their content,” said Mr. Kristiansen. “There are only two ways: advertising or charging for content. What we do is to make sure that operators are able to get this revenue. There are a lot of people out there who want to take away that revenue source by selling pirated devices and so on, which is what we are fighting against.”

Conax is headquartered in Norway, and has offices in 14 locations across the globe, including 24/7 global support operations based in India. The company works with satellite operators, cable operators, DTT operators, IPTs and OTTs. One of the major companies Conax is working with is Dish TV in India, a satellite operator with about 15 million subscribers.

Based on its flagship Conax Contego unified security hub, Conax provides telcos, cable, satellite, IP, mobile and terrestrial and broadband operations with flexible, scalable and cost-efficient solutions to deliver premium content securely. At CommunicAsia, Conax featured its Contego-as-a-Service cloud-based content protection service. The newly launched comprehensive and modular security offering includes the full benefits of its flagship Contego security back-end.

“Contego is a security hub which controls access to content for any platform for any type of device. It’s the same hub that we use both for OTT, satellite and so on,” said Kristiansen. “This is something that we have traditionally sold as an on-premise, installing it in the operator’s server. What we have now done is offer the same thing as a hosted service, so we have installed a community cloud service where we host and operate this on behalf of the operator. It makes it a lot easier for the operator because it’s a lower investment, saving operators from investing in the hardware. It also gives them quicker access to new features.”

Kristansen added that Conax always keeps this up-to-date on the latest software version that can activate the features its clients want. Conax also handles scaling, and all the security operations for its customers, so they can focus more on their business without worrying about managing security.

“We use our experts to make sure that the system is operated at maximum level,” said Kristiansen, “so all the monitoring and all the management of the system is done by us. Contago-as-a-Service has already been deployed by some of our operators.”

Adding to this, Are Mathisen, SVP APAC, Conax, said: “Operators looking to quickly and securely cultivate and tap growth opportunities in the digital content delivery landscape can now outsource content security to Conax. We are enabling operators of all shapes and sizes to focus on their strategies for capturing their share of new business in content delivery and providing new compelling consumer experience through TV everywhere services – while reducing CAPEX and complexity in running their pay-TV service.”

Security is of utmost importance to Conax. It’s no secret that today’s consumers expect and demand video content anywhere, anytime and on any device. Briefly setting aside content security, Mr. Kristiansen went on to discuss another Conax solution called Conax Xtend Multiscreen. It’s an advanced turn-key solution for pay-TV operators to enable OTT multiscreen services and streamline them with DVB operations, securely.

“As a company, we are also building some end-to-end solutions for operators, to simplify running advanced services. Xtend Multiscreen is a complete multiscreen solution where you can bring content into multiple devices: tablets, smartphones, PCs, etc, and also premium services, such as live TV, VoD (Video on Demand) or Network PVR,” said Kristiansen.

“What we have done in this case is to bring in some partners to build the ecosystem,” he added. “We brought in Cubiware for example, and integrated with a number of encoder vendors, CDN vendors, and so on. Then we are able to offer a complete solution customized to the operator’s needs. It gives a pretty advanced solution that we can deploy in a relatively short timeframe.”

Challenges facing OTT service security

Securing content is a major issue for OTT operators today. Because of the diversity of OTTs, it’s more complex to secure OTT content than it is to secure content for traditional broadcasters. It’s a “very fragmented market” says Kristiansen who believes Apple and Android devices are more often existing on a “vertical ecosystem” with their own streaming formats.

“Apple is doing FairPlay streaming based on HLS. Widevine is in the Android devices, so there’s a different DRM. And in Microsoft devices you have PlayReady. These are all slightly different in terms of functionality,” Mr. Kristiansen explained. “In order to reach all these devices in a secure way, you need to do multi-DRM. This is the complexity: when you’re doing multi-DRM, you need to ensure the same content rules on all devices. Handling this complexity with different DRMs, different streaming formats and so on is what we help operators with. The Contego back-end has a multi-DRM feature in which we take care of all complexities and provide a simple business interface to the operators.”

The main challenge operator’s face today is the fragmented device market the industry is faced with. Kristiansen said another challenge is the vast community of skilled hackers who are continuously getting more advanced. The various ways they attack the hardware, software, etc, and attack back-end systems makes things very difficult. The more services operators introduce, it opens the door to more attack points for hackers.

“It used to be so simple. You had a broadcast service with live TV to your satellite box. There were only a few attack points. Now we have many different services and even more attack points,” said Kristiansen. “The industry is very much aware of it and Hollywood is now enforcing more security on devices, such as the Enhanced Content Protection recommendation by MovieLabs. They are starting to specify pretty sophisticated security features to be in devices for 4K and UHD content.”

He added: “These challenges are pushing particularly the hardware manufacturers significantly when it comes to hardware-based security, secure media pipelines, and so on.”

Looking to the future, Kristiansen said Conax is currently working on a number of new projects, focused on building a “next-generation IPTV (Internet Protocol Television) solution”. The company recently launched a new security client called Conax Connected Access, which is an “advanced hybrid client” for connected use-cases.

“This client is available in several different flavors when it comes to the security setup. We are now building complete solutions for IPTV based on this client that we will put into use in early autumn,” said Kristiansen. “This is one of the major things we are working on.”

“In the future, I think what the industry will do is focus more on holistic security, as you need to focus security not only on devices, but more on the entire value chain. I suspect that this is going to be the focus also for the coming years: how can we protect content from lens to lens?”