Secure Session Management with DRM-enforced heartbeat

Restricting the number of concurrent streaming sessions for a given user (account) across playback devices is often a requirement that content owners and right holders impose through content contracts with service providers. There is also a requirement to react at the session level when piracy is detected. Typically for content such as live sport streaming, killing the current streaming session immediately after piracy detection is key.

In many cases, such session control is simply done at the application level which is easy to defeat and doesn’t guarantee that the sessions are effectively killed – meaning the player is not pursued despite the kill command from the application.

DRM-enforced heartbeat-based concurrent session management is the effective solution. The fact that it leverages the available platform DRM used by playback applications guarantees that the session is effectively stopped at the player level. It should also be noted that managing DRM-enforced sessions requires more resources, hence service providers should be able to specify the content on which such session-level control needs be enforced – note that not all content might require this level of security.