Frequently Asked Questions

For your convinience, we’ve gathered a few answers to common questions relating to digital rights management (DRM) and digital video delivery.

If you have a question which is not addressed here, please do not hesitate to contact us.

Why is DRM required to digitally distribute studio content?

The movie and TV industry is highly protective of their assets and impose strict rules on distribution to prevent piracy. For example, the Motion Picture Association of America (MPAA) has campaigned for DRM to be implemented in online video delivery scenarios. If you wish to digitally distribute studio content through your service, you will be required to have a DRM solution in place.

Studios can also have special requirements when providing their content across devices such as smartphones and tablets for example. In general, SD (480p) playback can utilize software-based DRM while HD (720p+) playback typically requires a hardware-secured DRM solution. Providing 4K/UHD quality content also requires hardware-secured DRM along with additional security requirements beyond DRM.

What does encryption do to a video?

During the encryption process, an algorithm scrambles the video file to prevent playback. This is achieved with a content key which is a piece of unique data used in conjunction with the algorithm to both encrypt and decrypt the video content. To maximize security, a different key is usually used for every individual video asset.

A user’s player application is only able to decrypt content for viewing if it possess the same key the video was encrypted with. These content keys are typically stored on a secure licensing server such as our DRMtoday service for delivery to a user’s video player.

Without the correct content key, an encrypted video appears blank or scrambled. This makes it completely unwatchable by unauthorized viewers.

Video frame without key or with incorrect key
Video frame without key or with incorrect key


Video frame with correct key
Video frame with correct key

What is delivered during a DRM license request?

When a user wishes to watch a DRM-encrypted video, their player must receive licensing information to decrypt the content for playback. The licensing information required is specific to the DRM system the user’s playback application supports (which can differ from one device/platform to another). This means when DRMtoday delivers a license to a user, the information that gets sent is based on which DRM system is supported by the user’s player application.

For example, the licensing information delivered to a player using Microsoft PlayReady is different from the information sent to a player using Google Widevine. Both systems are compatible with Common Encryption, however, it is the license delivery process that creates the main differences between competing DRM systems.

Regardless of which DRM system a player uses, the licensing information delivered is always made up of a number of general elements:

  • The content key: a piece of unique data used as part of an algorithm to encrypt and decrypt video content. A different key is typically used for every individual video asset to maximize security.
  • Play duration (for example: purchased content or timed rental)
  • If a license should be persistent (i.e. no further license requests after the first license delivery)
  • Additional restrictions (for example: hardware-secured DRM only)

Compare device/platform DRM support     See how DRMtoday works

What’s the difference between hardware and software secured DRM?

DRM functionality in devices can be supported via software, for example, by being built into a device’s operating system. Some devices have DRM functions running via chipsets instead. This provides a ‘hardware-protection’ layer as it’s much more difficult to compromise hardware than software.

Which browsers support DRM for video?

For a browser to support built-in video playback with DRM protection it must support HTML5 as well as Encrypted Media Extensions (EME). These browsers are able to use DRM as part of their native platform:

  • Chrome 35+
  • Internet Explorer 11+ (Windows 8.1+)
  • Microsoft Edge (Windows 10+)
  • Firefox 38+ (Windows)
  • Safari 8+ (OS X)
  • Opera 31+

Browsers that do not support EMEs can use plugins such as Adobe Flash or Microsoft Silverlight to deliver encrypted video. However, browser support for these plugins is being phased out by Chrome and Firefox.

View DRM browser support

What are Encrypted Media Extensions?

Encrypted Media Extensions (EME) is a JavaScript API specification that provides a method for browsers to interact with CDMs for utilizing DRM in browsers. JavaScript can access EME to communicate information between a CDM and a server that provides decryption keys such as our DRMtoday service. It enables encrypted video playback directly in HTML5 (using the <video> tag) without the need for additional third party plugins such as Silverlight or Flash (which must be download and update by the user). EME allows the same encrypted videos to be played in any compliant browser regardless of the DRM system used. This simplifies secure web-based video delivery for both the content producer/retailer as well as end-consumers.

Browsers that do not support EMEs can use Adobe Flash or Microsoft Silverlight as a fall-back option.

View the EME specification

What is Common Encryption (CENC)?

To help simplify the fragmentation of the DRM market, a standardized method for enabling video content protection has been adopted by leading DRM systems called Common Encryption (also referred to as CENC). CENC is an ISO 23001-7 standard that defines a common format for encryption, decryption, and key mapping methods.

This standard enables protected playback of video content across multiple DRM systems. The video encryption process is not proprietary to individual DRM systems, and the same protected content can be decrypted using different DRM systems. A video only requires encryption once and the content can then be played using any DRM system that supports CENC (see list below). When encrypting a video with CENC you also have the option to use just one key with the content, or you can use multiple keys (for example: one per audio channel or video bitrate) for added security.

Today you would typically take advantage of CENC when using the MPEG-DASH streaming format. When encrypting MPEG-DASH content with CENC, it essentially becomes DRM-neutral. The same file-set will work across any MPEG-DASH player as long as a compatible DRM system is being used.

Ultimately, this allows the same secured content to be distributed across numerous playback devices/platforms which reduces the cost and complexity of the delivery workflow.

It’s important to note, however, that CENC does not govern other DRM activities. Individual DRM systems retain control of elements such as license distribution, rights mapping, and compliance which means these processes vary from one DRM system to another. This is because CENC only standardizes the encryption and decryption phases. Thus, you will always need a DRM service to provide licensing for the specific DRM system that a given player supports.

DRM systems that are compatible with Common Encryption include:

For example, a video encrypted with CENC can be decrypted by both Microsoft’s Edge (via its PlayReady CDM) and Google’s Chrome (via its Widevine CDM) for playback within the browsers.

What is a Content Decryption Module?

A Content Decryption Module (CDM) refers to the client-side DRM component of an application which performs the decryption, decoding, or enables playback of encrypted video content. For example, Google Chrome uses a Widevine CDM to decrypt DRM protected content for playback within the browser.

How do I deliver protected content with HbbTV?


HbbTV® (Hybrid broadcast broadband TV) is an international open standard specification for video delivery via internet-capable TVs, set-top boxes, and multiscreen devices.

As of HbbTV’s version 1.5 spec, DRM was introduced through Common Encryption (CENC) when using the MPEG-DASH adaptive streaming format. This means that you can achieve secured playback through HbbTV compliant technology using MPEG-DASH and a CENC-compatible DRM system including: Google Widevine Modular, Microsoft PlayReady, or CMLA-OMA.

If you’re looking to deliver content to HbbTV devices, we can help.

Preparing content for HbbTV

You will first need to convert your content into the MPEG-DASH streaming format. These video assets will also need to be encrypted to provide DRM protection. Our robust encryption and packaging service can both create and secure MPEG-DASH file-sets for you, ready to deliver or place on a CDN.

DRM licensing for HbbTV

To deliver protected MPEG-DASH content to end-users for playback, DRM licensing will also need to be in place for decryption. Our streamlined DRMtoday license service provides access to multiple DRM systems that are compatible with the Common Encryption standard detailed in the HbbTV specification.

If you have questions about delivering video with HbbTV, please contact us for more information.

How do I use DRMtoday with Unified Streaming?

The Unified Streaming platform integrates with DRMtoday via a Java based key ingestion application. Please note that this application and its documentation are only provided to DRMtoday customers.

How do I use DRMtoday with Wowza?

DRMtoday integrates with Wowza via our Wowza Streaming Engine plugin.

Learn more

Have another question?

If you haven’t found the answer you were looking for on this FAQ, please contact us. We will be happy to answer any questions you may have.