One month after we announced AES dynamic encryption for live streaming, today we are excited to add PlayReady encryption for your live streams as well. With Azure Media Services, our supported streaming protocols, such as Http-live-streaming (HLS), Smooth Streaming and MPEG-DASH, you could configure either AES or PlayReady encryption and deliver the encrypted live stream.
Microsoft PlayReady is an extensive, studio approved encryption technology that protects your content from piracy, and it is supported on a wide range of the most popular devices today. Now, you can use PlayReady to protect both Video-on-demand and live streams.
At a high level, this is how it works:
- Set a content key, key authorization policy and content delivery policy on the asset you want encrypted. One of the options we provide for key authorization is token authentication, when used the client requesting the license must first supply a valid token in order to be issued the license. If you configured token authentication, token is sent through Custom Data API, which is available on all PlayReady SDKs.
- PlayReady license template is configured as part of the content key authorization policy. You could restrict media usage in the template, such as content could only be viewed in the next 48 hours and etc.
- Dynamic encryption can be chained with our existing dynamic packaging capabilities so that from a single set of MP4s you can produce multiple combinations of formats and encryption types. For instance you could produce PlayReady encrypted HLS and PlayReady encrypted DASH.
- In Addition, similar to dynamic encryption for VOD, you could mix and match streaming protocol and encryption methods. For instance you could produce AES encrypted HLS stream and PlayReady encrypted DASH stream.
- There are a wide range of devices and platforms support PlayReady encrypted live stream playback, such as Silverlight player, Client SDK for iOS and Android.
- After your live event is over and the corresponding asset has transition to being VOD it will continue to be PlayReady or AES encrypted based on your configuration.
Pease refer to the diagram below for PlayReady/AES dynamic encryption with live streaming capability.
Here are some of the Q&A for this services:
- Does Azure Media Services provides PlayReady license delivery services ?
Yes, Azure Media Services provides PlayReady license service as part of the platform capability.
- Does PlayReady encryption for live streaming includes key rotation?
No, currently we don’t offer Key rotation for live streaming with PlayReady encryption.
- Can I use AES encryption on HLS stream and PlayReady on Smooth Streaming stream?
Yes, this is possible with our service, you could configure different encryption methods on different protocols.
- What kind of player I could use to play PlayReady encrypted live stream?
Desktop: Silverlight Smooth Streaming Client. You could also test your stream on this test player we are hosting: https://sltoken.azurewebsites.net/.
IOS and Android: This requires client licensee fee, so please contact PlayReady team at : https://www.microsoft.com/PlayReady/features/ClientOptions.aspx.
Windows store app: https://visualstudiogallery.msdn.microsoft.com/e02ccac7-f3eb-4b53-b11a-c657d5631483.
- What kind of PlayReady license template I could define with your service?
Please refer to the documentation here: https://msdn.microsoft.com/en-us/library/azure/dn783459.aspx.
- How can I configure PlayReady/AES dynamic encryption with Live stream?
We don’t currently have support in the portal to configure this feature. However, we have REST API and a .NET SDK which allows you to set PlayReady encryption on your live asset. Meanwhile, there is extra step you need to take to enable PlayReady license service on your account, please follow my instructions through this video: https://www.youtube.com/watch?v=nQCM1jFdi_4. Please refer to this APIs walkthrough to set up your PlayReady encryption with live stream, sample code is hosted at this GitHub repository.
If you have any questions, feel free to reach out to me at yanmf@microsoft.com. I’d love to explain further.