Pay-TV operators have used CA since the 1990s to encrypt digital content. Over the years, CA has evolved, with Irdeto launching the first software based card-less CA in 2011. But does the CA technology still have a role to play going forward?

Looking back
CA started life in the analogue broadcast world. Its role was to scramble the video signal. With the evolution to digital broadcast, CA transformed to what you can call “true” conditional access with encryption. It protected the content pipe, encrypting the content and matching it to entitled users. 5 years ago saw the introduction of card-less CA. This hardened software-based implementation gave operators a low cost, robust and renewable CA suitable for the next generation devices and miniaturized STBs.

With technology advancements and the proliferation of the internet is this traditional CA only approach still relevant?

Looking at today
In today’s world, everything is digital. From the glass of the camera recording the content, to the glass of the viewing device. This means that the quality of the content is higher through the entire value chain. The technology advancements are not only making it easier for consumers to watch their content, anywhere, anytime on any device; but it’s opening up more opportunities for pirates to steal that high quality content.

Content redistribution over the internet is the biggest threat facing operators today. In this environment, what protection does CA provide? Is content protection now more about protecting the service and device than merely the content itself?

Don’t get me wrong! CA’s role in protecting content is not in question. But, is that enough on its own?

Looking forward
The introduction of MovieLabs’ Enhanced Content Protection (ECP) requirements set the tone for the future. In many ways, it’s acknowledging that sadly online piracy is part of day-to-day life. With the lack of restrictions and regulations piracy is, in many cases, evolving faster than the legitimate services. Given that starting point, the studios are now turning their attention to minimizing the effects of piracy.

The ECP requirements reflect the different mindset, which is needed. They identify best practices for supporting video content of tomorrow. Yes, there must be a secure video path: encrypting/decrypting protected content. But it extends much further than that.

It’s about having dynamic content protection and proactive renewal of software components. Using available services to monitor online piracy and sales of illegal viewing devices as well as the use of forensic watermarking with breach response to identify and shut down the source of the leak.

Looking at what this means for CA
Based on this different approach it’s clear that focusing on CA, on its own, is not enough. CA is still needed, but its role is changing. It’s becoming a supporting actor, no longer the standout star it once was.

What’s critical is having an end-to-end strategy: providing state of the art technology with proactive services across the value chain.