How paid services/channels are viewed or descrambled on a TV/STB/OTT app

When you watch a channel or a service via STB or TV or OTT app you might have encountered an error message such as "Channel is scrambled , Please contact **** OR smart card is expired OR insert valid smart card OR recharge your subscription etc ".

Do you know what is happening in background , how your tv/stb/ott app or is able to detect your subscriptions entitlements or balance on the smart card.

In traditional broadcasting there are 2 types of services:

1. FTA(ex; Doordarshan in India) -- Free to air service --> Freely viewable by all if somehow signal is received.Hence FTA are non-scrambled/clear content. Can be viewed without Cas.

2. Paid channels --> Can be viewed by subscribers who have paid money for a special PKG .Hence paid channels are scrambled.

To view paid channels we need Cas and/or DRM.

In traditional broadcasting , both fta & scrambled services need to tune particular frequencies ,parse audio ,video & meta data .Then decode A/V using decoders.

In the case of OTT , You need to pay subscription fees to watch any channels . I think there is no fta service/channels concept in OTT.

I am not aware of any free OTT apps or OTT apps which can allow viewing free channels without subscription fees . If you know, please comment in the comment section .

BTW Do you know difference between scrambling and encryption ?

Scrambling and Encryption are similar , Usually scrambling is applied on analog and encryption is on the digital domain .

Scrambling involves obfuscating the signal at the transmitter end by adding or removing something from input signal or even encrypting the input signal .The receiver must be equipped to reverse the input signal obfuscation in order to view the channel.

Back to original topic on how paid channels are viewed or descrambled.

There should be some module or equipment from the broadcaster/Cas Or Drm provider on the receiver which can communicate with the headend (broadcaster/operator/ Cas or Drm) server regarding the user subscription , license, encryption info ,etc.

There will be some secure communication about the license, decryption key , entitlement message from broadcaster/Cas server to module on receiver side.

Message from headend need to be secure , otherwise hacker in the middle can alter the message according to his convenience. This may lead to piracy of the content or illegal access of the content . Hence these messages are mostly encrypted.

3 basic questions about CAS/DRM ecosystem :

1. What are the secure messages from headend to receiver?
2. Which modules on receiver side are in charge of security?
3. How are these secure messages transmitted from transmitting end to receiver end?

 Easy & simple answers :

1. What are the secure messages from headend to receiver -> ECM ,EMM , License , URI.
2. Which modules on receiver side are in charge of security -> Cam with SC , Embedded Hardware Cas with Cas, Software Cas , operator App , etc 
3. How are these messages transmitted from transmitting end to receiver end? -> This is going to be a long answer as below :

Option1: Embedding secure message components along with Video data in encrypted form.

Option2: Receiver contacts the separate Cas/Drm server to get the ecm/emm or License based on the content ID and user info .

Overall mechanism :

Broadcasters will scramble(encrypt) the A/V at the transmitting end and transmit to receivers such as TV/STB or Mobile phone via any delivery system (Cable , terrestrial , satellite , IP , OTT,etc ).

Then receivers will descramble the scrambled contents at the receiving end.

The module which descrambles the scrambled AV content is called CA module (Conditional access module) Now you are able to see the paid scrambled contents , hurray !!

BTW Conditional access system : Means to access the scrambled service or channels there is a condition to be met .

What are the conditions to successfully descramble the content ?

1. You are valid subscriber of broadcaster.

2. You have paid the subscription fees.

3. You are accessing the service or channel which you are entitled/subscribed for.

4. You are accessing the content from the valid location (In some countries some channels may be prohibited ).

5. The device on which you are accessing the content is meeting the standards/ passed certification.

Cas ecosystem : I would like to mention 2 popular patterns how ECM/EMM are retrieved from the Cas system

Pattern 1:  ECM , EMM and License are sent along with Video and Audio data .

Pattern 2 : ECM ,EMM and Licensee data are queried by receiver to separate Cas/DRM licensing server using web apis .

keywords used in CAS and DRM:

• Control word : The key used in the Scrambler & descrambler for scrambling ＆descrambling.
• Crypto Period: time that the Control Word is valid for
• ECM(Entitlement control message )

1. Contains the Control word is encrypted with service Key which is required for descrambling .
2. Control word is typically 60 bits long and updated every 2-10 seconds
3. ECM are used to recover the descrambling control word in the decoder
4. ECM contains Odd Key and Even key in the encrypted form
5. ECM are typically per stream(Audio or video ) or per service

• Service Key – is common to a group of users who are subscribed to watch a service.
• EMM(Entitlement management message): 

1. Contains serviceKey encrypted with user keys ,
2. One EMM may contain many such encrypted service keys encrypted with different user keys unique for each receiver .
3. EMMs are created based on the subscription like what user is entitled to watch , what is his package rights ,etc

• SMS- Subscriber management system: It consists of a database of information about the subscribers, the serial numbers of the decoders and information about the services to which they have subscribed. SMS is used for sending and receiving all the bill payments to and from the subscribers of the CA system. It handles the billing, any changes in subscriptions, inability to view channels, etc.
•  SAS- Subscriber Authorization System: This system is to verify & identify users . SAS is shared among various service providers. Any data from SAS is encrypted to prevent all the sensitive user data from security attacks.
• Smart Card : Contains embedded microprocessor for security. The card reader talks to the microprocessor. Microprocessor enforces access to the data on the card.

1. Used as a token of entitlement to descramble the broadcast signals. Performs the authorization of EMM
2. Performs the decryption of keys embedded in the ECM

• Descrambler : Requires scramble keys. Keys are taken from the Smart Card. After descrambling data is transmitted to appropriate audio or video decoders.
• URI: Usage rules information -> Rules to receivers on how the content should be used or stored or passed or viewed to secondary device . This is mainly related to DRM . Example : Copy never , copy freely , copy onetime ,etc .URI is sent to receiver by embedding the URI in to ECM/EMM or License .
• Simulcrypt: It is a protocol of CA where each service is transmitted with the EMM/ECM for a number of proprietary systems. Decoders using different CA can decode the service. Simulcrypt uses a common framework for signaling the different EMM/ECM stream. Access to the system is controlled by the system operators.
• Multicrypt: It is a protocol of CA which is open system which allows competition between CAS providers and SMS operators. Uses common receiver/decoder elements which could be built into TV sets. Common conditional Access interface can be used to implement Multicrypt
• License: Small file that contains the encrypted CDK - content decryption key + URI defining how the content may be used. As I said URI is nothing but rules and policies set in a license define the output controls ports (ex: HDCP ) & license validity period. DRM license can be delivered in clear format but digitally signed preventing any modifications to the specified rights.

I hope you will find this article useful in some way !

If you have any questions, please leave a comment.

-------

Please follow me if you would like to receive regular updates regarding Cas/DRM Android TV framework and broadcasting technologies.