DASH-IF introduced Content Protection Information Exchange (CPIX) format as an open specification which supports all the major DRM systems and playout formats. It contains the DRM information along with the key which can be used for protecting and encrypting DASH content.
MPEG DASH (Dynamic Adaptive Streaming over HTTP) was one of the biggest innovations for the emerging video streaming industry. While there were solutions like HDS (HTTP Dynamic Streaming) by Adobe and HLS (HTTP Live Streaming) by Apple for video delivery, MPEG DASH came with a few significant advantages.
For instance, as DASH is HTTP-based, the content delivery can be done through the standard servers. This ensures minimum setup expense and maximum speed. Even protocol-wise, DASH is known to be faster than HDS and HDL. While DASH was embraced by the OTT platforms, it required custom APIs for every encryptor and DRM (Digital Rights Management) service. This resulted in higher DASH adoption costs for streaming platforms and required more management.
The introduction of CPIX (Content Protection Information Exchange) helped eliminate these problems. Created by the DASH Industry Forum, CPIX improves operational efficiencies and reduces launch time and costs for OTT platforms. Let us have a detailed look at what it is.
What is CPIX?
With the rising popularity of OTT platforms, the need for content protection increased significantly in the last few years. Streaming service providers started working with multiple DRM services to make sure that their online content remains protected. Moreover, unlike the traditionally used DRMs that relied upon a single key for content encryption, modern content protection involves using multiple keys for various tracks or keys which rotate with time.
To make the content support such advanced DRMs, OTT platforms are required to have custom APIs for ensuring seamless content delivery. The CPIX guideline by DASH-IF defines how information related to content protection can be stored in XML format so that it can be exchanged between various parts of the content streaming setup.
The keys used for content encryption along with the DRM information related to these keys are included in the CPIX document. The service providers now supply CPIX document which can be used by streaming platforms as input for the Unified Origin. Even the OTT platforms can themselves create the document if at all the DRM service provider does not supply the document.
How Does CPIX Work?
The CPIX file has the DRM information and the key which can be used for protecting and encrypting DASH and HLS content. It can be used for the exchange of this information among multiple entities which might need it for different workflows of creating video content. As the CPIX file can be authenticated and encrypted, the receiver can rest assured that the integrity and confidentiality of the content will remain protected.
In other words, CPIX helps in breaking the lock-in of the vendors for platform operators. It allows the operators to easily select DRM service and packager that best suits their requirements. As the format of information between different products remains the same, the exchange of information no longer requires custom integration with CPIX.
Document Structure of CPIX
While the CPIX document information can vary significantly, every document mandatorily requires information such as-
- KID (Key ID) – This is a 128-bit key for content identification and associating the same to a CEK.
- CEK (Content Encryption Key) – A 128-bit key for encrypting content associated with KID.
- System ID of DRM– A UUID (Universal Unique Identifier) of a particular DRM system.
- PSSH (Protection System Specific Header) – It contains protection information like rights, licenses, license acquisition information, etc. of the DRM system.
What are the CPIX APIs?
CPIX APIs are APIs that have been implemented as per the CPIX Standard Guide of Dash Industry Forum. It contains information with regards to the specifications that can be used for linking the keys needed for implementing multi-DRM. With the help of the API, multi-DRM solutions can be linked to the encoder or transcoder for supporting key exchange process of CPIX.
There are now many different types of API offered mostly by multi-DRM service providers. Some of the top options include PallyCon CPIX API, Speke API, and Anevia CPIX API. OTT platforms wanting to secure their digital content while also keeping it protected can consider any of the top multi-DRM solutions and their CPIX API for increased protection and operational efficiency while also slashing the costs.