A rare example of a so-called ‘card-sharing’ pay-TV piracy operation has come to light following AEPOC’s announcement of a police raid in Cyprus.
On June 14th a 49-year-old Cypriot man was arrested for illegally providing subscriptions to the pay-TV offerings of BFBS, BSkyB and Nova.
The pirate is accused of having provided illegal pay-TV subscriptions to nearly 1,400 clients in Cyprus and across Europe – earning at least €100,000 over an eight-month period, according to some estimates.
Card-sharing exploits a weakness in the DVB conditional access system through which a legitimate smartcard is hacked to provide a stream of access codes which can be distributed for a fee to consumers unwilling to pay the full price for a pay-TV subscription.
Farncombe discussed the nature of this weakness in detail in a White Paper entitled: Towards a Replacement for the DVB Common Scrambling Algorithm.
Category Archives: Digital Satellite
New pay-TV card-sharing scam uncovered in Cyprus
Heavy Netflix streamers bear out pay-TV ‘cord-cutting’ fears
New research from The Diffusion Group suggests that although the propensity for ‘cord-cutting’ (i.e. downgrading or termination of pay-TV subscriptions) in the USA is mainly associated with economic stringency, this changes amongst heavy users of Netflix video streaming.
TDG found that 61% of moderate to heavy Netflix streamers cited online video usage as the top reason why they would do so. Only 24% of this group cited economic issues as their main rationale.
For the average Netflix user, however, the finding was reversed: only a third would cord-cut because they thought use of online video was substitutive.
Canalsat and Sky – who needs a dish?
French pay-satellite operator Canalsat is to offer non-subscribers access to a subset of its satellite channels over the Internet. Called Canalsat Web TV, the service is separate from the Canal+ VOD service Canalplay, which is available both in ‘over-the-top’ mode and integrated into French ISPs’ IPTV offerings.
Canalsat Web TV offers 63 of around 300 channels available from Canalsat using a dish and decoder. When launched a year ago, it was only available for free as an add-on for Canalsat customers subscribing to its top tier. Now non-subscribers can pay €25/m to access the service, with existing subscribers to the lowest Canalsat tiers paying €7/m extra.
The Web service – which is also available on the iPhone – offers less choice than its satellite equivalent: a mid-range Canalsat tier offering 230 channels via satellite is currently available for €23.90m. However, Canalsat Web TV comes with no strings attached: subscribers can enrol or churn out every month.
The Canalsat move closely resembles a similar initiative by BSkyB in the UK, which opened up its online Sky Player platform to non-subscribers in October. Entry-level is €18/m for just 20 channels.
Both can be seen as experiments which seek to establish the price consumers are willing to pay for the utility of ‘untethered’ viewing of premium channels anywhere in the home, in an environment devoid of contract tie-ins. Such offers also fulfil a secondary purpose for the operators: for existing subscribers, additional, more flexible viewing options help to keep them from churning and migrating to free OTT video; while it’s also an opportunity to showcase premium content to non-subscribers without requiring any commitment.
BSkyB’s Sky Player: subs forced to opt out of targeted advertising and accept cookies
Only a few weeks after I blogged about the content restrictions Sky Player imposes in an online environment (relative to the satellite one), Sky has now emailed every Sky Player user a new set of terms and conditions.
The most significant change relates to targeted advertising. The Sky email states: “In future, the advertising you see on Sky Player may be better tailored to your interests. The new system, which is called Sky AdSmart, uses customer information to replace some general adverts with ones which we believe to be more relevant to viewers’ potential preferences and interests.”
(Sky AdSmart can be thought of as an Internet-based precursor to targeted ad-substitution on Sky’s satellite PVR platform, due to begin in the first half of 2011.)
Accordingly, the new Ts & Cs s state that Sky will use ‘cookies’ for the purpose of “serving behavioural and tailored advertising on Sky online services and websites and selected third party websites, [...] which means you may receive advertisements which are more relevant to you.”
There is an opt-out, of course: users can go to their personal profile and tick a box to say they do not wish to receive this kind of targeted advertising – but the default position is that unless they do so, they will get it: this is not an opt-in system. Ticking the box effectively disables the ‘session cookie’ as well as what Sky calls the ‘Audience Science cookie’.
However, for those who wish to disable all of their cookies (Sky lists six different types including the two above), this will completely disable the Sky Player service. The new Ts &Cs state that “The Service cannot operate if you set your browser to reject all cookies.”
It is not immediately obvious why this should be so, because Sky Player doesn’t rely on these cookies to identify the subscriber or the device as legitimate: in the Ts & Cs, Sky says that users must consent to information being collected about them through the service, which includes the Microsoft Windows Product Key of the registered device, its IP address, and “information derived from the hardware configuration of [the device].” This is of course in addition to the requirement to login and enter a password to use Sky Player. Other authentication information is also presumably being passed back and forth by the Windows DRM system Sky Player uses.
I have to say I find both the ‘opt-out’ and ‘cookie acceptance’ policies surprisingly heavy-handed. But perhaps that is the intention – to test consumer reaction to such policies in the online environment before they finally determine how to soften them for the satellite domain.
The new Ts & Cs also tighten another screw, incidentally: it was definitely my impression that previously, you were allowed to watch Sky Player content on different registered devices at the same time – as long as it wasn’t the same content. The updated version now says you can’t watch any content on two registered devices at the same time. If you boot up a second registered device, you’ll simply stop receiving the content you were watching on the first one.
I can think of good practical reasons for doing that: quality is likely to be reduced on both streams unless the household has at least 4-5Megs available downstream. But isn’t that a matter for the user?
Farncombe Consulting proposes replacement for DVB Common Scrambling Algorithm
Farncombe Consulting Group, which hosts this blog, has published a second White Paper on TV Conditional Access (CA), which proposes a possible replacement for the DVB Common Scrambling Algorithm (CSA).
This is the hardware-based digital TV encryption technology mandated under European Law and which underpins today’s DVB-based pay-TV sector.
Farncombe’s in-house video security experts think it’s overdue for a replacement, arguing that – although it was introduced for the best possible motives in the early 1990s – the technology now raises serious commercial, regulatory and technical concerns for the digital pay-TV industry.
For instance, they point out, the CSA was designed for an era when operators were keen to avoid their content being distributed to PCs, and where broadband did not exist as a distribution medium. But neither of these factors apply today. This means operators are saddled with a technology which makes content distribution more difficult, and is not only already vulnerable to piracy but poised to become increasingly so.
In the White Paper, Farncombe accordingly proposes a next-generation replacement for the CSA, based on a ‘toolkit’ approach which mixes both hardware and software elements.
This will take time to implement, however. In the meantime, operators who upgrade their installed receiver base without addressing the security flaws in the CSA approach risk wasting their investment. Farncombe notes that the nature of this weakness is such that it only takes one hacked receiver to allow control words to be fed over broadband to any legacy DVB STB and enable pay-TV content to be pirated.
This implies that the industry needs to introduce a replacement as soon as possible.
A PDF of the new White Paper can be obtained from Farncombe by clicking here (or by pasting the following URL into your browser: http://www.farncombe.eu/index.php?menu=4.4) and filling in a simple registration form. Farncombe will then personally send you a copy.
Recent Comments