White Paper: Description of Stellar Tickets’ Content Security Model
Stellar provides best in class livestream security through multiple layers of conditional access
Stellar is a best-in-class, full-service ticketing and streaming solution that focuses on livestreaming content. Stellar is specifically designed to address a number of massive security issues in other online event platforms while focusing on User Experience and true “two screen” experiences. Through a number of layers of protection, Stellar’s approach balances the limitations of the immeasurably large device ecosystem and the need for low latency live video with content security and authorization.
There are a number of challenges to securing digital content while also allowing customers ease of access to their purchases. Ultimately, if a person can see or hear content, a camera or microphone can capture the same content. And for every device on the market that respects high-bandwidth digital content protection (HDCP), there are plenty of cheap alternatives that don’t respect any modern security protocols, which lure the customers most likely to pirate content in the first place.
Traditionally, DRM solutions have been employed to protect video files that are downloaded to customers’ devices and to allow a customer to play those videos for a specific period of time. These solutions work in a number of different ways, but generally the video is encrypted with a cryptographic key and can only be decrypted once the client connects to a DRM server and acquires the right to the video file. This process was necessary because not all videos can be streamed in real time, and it saves bandwidth costs when the “window” in which the video is available extends over a prolonged period. Unfortunately, in the modern device ecosystem of mobile devices, “smart TVs,” OTT devices, and computers running any number of operating systems, there is no “one-size-fits-all” DRM solution. Many solutions have been exploited, with some researchers going so far as to call DRM solutions for video “defective by design,” and almost all DRM solutions are easily fooled through the aforementioned capture devices.
Beyond securing just the video files themselves, with the sudden disruption of the live entertainment industry by COVID-19, almost all live entertainment software providers have had to adapt in one way or another. Ticketing platforms not made for livestreaming, such as Eventbrite, Universe, Ovation, and others, quickly shoehorned in “livestreaming” capabilities. Typically the method used is either sending an invite to a Zoom call for small events, or simply a hyperlink to password-protected webpages on other platforms that embed insecure live video streams (Ticketmaster/LiveNation, Dice.fm, and Veeps all work this way). Passwords are typically not secure or unique per ticket buyer, allowing everyone with the password to access the stream. Many times, even if access to the page is secure, the URL for the video itself is not secured in any way, meaning that if you buy a ticket, inspect the source of the page you’re viewing, and copy the URL of the video, you can send that to anyone. Through all of these scenarios, widespread content theft through simply posting a password or URL to social media platforms has been a real issue. Concerts from Billie Eilish, Justin Bieber, Dua Lipa and many others all suffered from widespread theft via HLS streaming URLs being posted to social media.
Finally, Stellar livestreaming aims for the lowest possible latency in the live video between broadcasters and viewers. Stellar’s platform is content agnostic, but we understand that many use cases (e.g. Live Q&A) require a latency of less than 30 seconds between broadcast and viewer. DRM solutions can be very computationally expensive when encoding broadcast-quality 4K video and can add large amounts of lag between the broadcast source and the customers viewing a stream.
Stellar’s approach to content security is broken up into two layers: conditional access using user authentication and device authorization.
First, all users on Stellar must be authenticated with an email address (and typically a password or a third-party SSO). The email address must be confirmed via a typical email confirmation procedure. Stellar uses a third-party vendor to verify that an email address is known to other companies and is not a known fraudulent actor. We also employ a technique to ensure that all new logins to an account are authenticated through email or through an SSO.
The second layer of content protection is device level. Stellar’s content URLs are protected through encrypted cookies, meaning that a user can’t access the URL without making an authorized request to Stellar’s servers. Without a token in the encrypted cookie, no content will be served to a device.
All tickets have a preconfigured “device limit” of 2 to 5 devices. Using a proprietary device fingerprinting technique, Stellar authenticates that a specific device has access to the stream at least every minute of video watched. When more devices connect than a customer’s ticket is configured for, the oldest device token is actively added to a deny list. If that device refreshes its token, the next oldest device is added to the deny list. Once a device is added to a deny list, it will no longer be served content for the stream. Stellar has the ability to deactivate all tokens for a user, actively blocking all of their devices from our service.
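The device-limit rule described above, modelled as an added example (this is not Stellar's code). The class and method names, the random token format, and the plain-string fingerprints are assumptions; the proprietary fingerprinting and the encrypted cookie are not reproduced.

```python
import secrets
from collections import OrderedDict


class TicketDevices:
    """Device tokens and deny list for one ticket (hypothetical model)."""

    def __init__(self, device_limit):
        if not 2 <= device_limit <= 5:  # the range the page gives
            raise ValueError("device limit must be between 2 and 5")
        self.device_limit = device_limit
        self.active = OrderedDict()  # token -> fingerprint, oldest first
        self.denied = set()          # tokens that must never be served again

    def issue(self, fingerprint):
        """Give a device a fresh token, denying the oldest one if over the limit."""
        # Assumption: a device asking again replaces its own earlier token,
        # so one device cannot occupy two slots.
        for token, fp in list(self.active.items()):
            if fp == fingerprint:
                del self.active[token]
                self.denied.add(token)
        new_token = secrets.token_urlsafe(16)
        self.active[new_token] = fingerprint
        while len(self.active) > self.device_limit:
            oldest, _ = self.active.popitem(last=False)
            self.denied.add(oldest)
        return new_token

    def authorize(self, token, fingerprint):
        """Periodic check: serve only a live token presented by its own device."""
        if token in self.denied:
            return False
        return self.active.get(token) == fingerprint

    def revoke_all(self):
        """Block every device on the ticket."""
        self.denied.update(self.active)
        self.active.clear()


if __name__ == "__main__":
    ticket = TicketDevices(device_limit=2)
    phone, laptop = ticket.issue("phone"), ticket.issue("laptop")
    tv = ticket.issue("tv")                    # third device on a 2-device ticket
    print(ticket.authorize(phone, "phone"))    # phone held the oldest token
    print(ticket.authorize(tv, "laptop"))      # token copied to another device
```

Binding each token to the fingerprint it was issued for is what makes a copied token useless on a second device; the deny list alone only caps how many devices are live at once.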
Finally, basic forms of content duplication are actively discouraged through best efforts. Screen recording is actively blocked when the device supports it. Apple AirPlay and Google Chromecast are not supported due to the lack of support for encrypted cookies. Unfortunately, many of the caveats previously mentioned do apply to this category of content protection.
Stellar Tickets goes beyond best efforts to actively raise the industry standard for content security and protection in the live event streaming space. Security features that are impossible on many traditional ticketing platforms are core to Stellar’s offering and create a platform that is secure by default. Stellar successfully balances the need to ensure that customers can reliably watch a live event that may never be broadcast again with the need of content rights holders to protect their assets, while keeping the real-world limitations of existing solutions in mind.
If you have questions about how to best protect your content without sacrificing the customer experience, we're happy to help. Email firstname.lastname@example.org for more information.