How Our DRM Licensing Service Works
DRMtoday handles your content protection by managing playback authorization and DRM license key distribution through our cloud based service. When a user wishes to view a video, your server delivers encrypted content to their device while the player software acquires a license from DRMtoday for playback to begin.
Here's how it works.
Encryption & Packaging
Before you distribute your video, it must be encrypted to use DRM protection and packaged into a delivery format of your choosing. When encrypted, the content key and metadata needed to unlock the video are ingested into our secure DRMtoday database for future delivery to the end-user.
DRMtoday fully supports Common Encryption (CENC) which enables an encrypted file-set and its key to be used across multiple DRM systems.
Our Video Toolkit service can perform the encryption and packaging process for you, with keys securely delivered to our DRMtoday servers.
After packaging and encrypting a video file, it's ready for delivery from your CDN or server infrastructure.
When a user wishes to watch content, their device first accesses a manifest file which is the "table of contents" for the video's file-set. The manifest file contains the encrypted video's location as well as DRM system information and additional metadata.
For content to be viewed, DRMtoday must first supply the user's player with a license key to decrypt the video. Your content cannot be played without this key.
To acquire a license key, the DRM layer in the user's player application uses the information in the manifest file to launch a request. There are a number of ways to achieve this, but below are two common methods.
You can learn more about the license information delivered on our FAQ page.
To playback protected content, you'll need a DRM-capable player. We provide feature-rich mobile and cross-browser player technology, each with built-in DRM support.
Method 1: Callback Authentication
The player first requests a license from DRMtoday. Upon receiving a request, we validate the user with your system's authorization API to determine if they are allowed to watch the content. If the user is approved, we receive confirmation. Our DRMtoday server then sends a license, including a decryption key, to the user's player allowing the content to be unlocked.
Method 2: Upfront Token Authentication
The player first checks with your system to determine if the user is allowed to view the content. Upon approval, your system generates a secured token containing the authorization, and sends it to the user's player application. Only your system and DRMtoday can view the contents of the token. Using the token, the player then requests a license from DRMtoday. The token becomes invalid at this stage to prevent it from being used again. Our DRMtoday server then sends a license, including a decryption key, to the user's player allowing the content to be unlocked.
The user can then enjoy your video, all while being secured along your delivery chain.