Page tree
Skip to end of metadata
Go to start of metadata

Content protection is important for every media asset when some sort of monetization is used. For AVOD scenarios you would like to prevent your viewers to skip watching the ads, for SVOD or TVOD scenarios any unauthorized access will result in revenue loss. Quite often protection requirements are defined by content owners, especially for premium content.

There are different methods how you can protect your video-on-demand videos and live streams.  Here you have the description of the content protection measures you can utilize in our platform.


AES stands for Advanced Encryption Standard, which is a simple media encryption method to protect against stealing and piracy, guarantees access to the stream only to authorized users and enables to securely watch content.

This is the easiest way to protect your content. AES-128 encrypts the content by generating a special key. If someone tries to intercept it, they will see only encrypted data.

AES-128 in comparison to DRM is a slightly less secure protection algorithm with limited support from major studios but more widely supported by older devices.


DRM stands for Digital Right Management, which is the highest-grade media encryption method to protect copyrights of your videos on different platforms and prevent stealing, piracy.

DRM is approved by major studios and is the right solution if you want to prevent manipulation on the device playing your video. For instance, if your video is unencrypted and has been playing in a browser, the user might download video fragments and play them locally. DRM will prevent this as only an authorized player will receive the keys to decrypt the content.

Widevine and Playready are supported natively by Video Cloud. Apple Fairplay support is possible but due to Apple policy, the holder of the content rights has to acquire the license directly from Apple. You can find the DRM compatibility with different devices and platforms here: DRM compatibility

In many cases, content providers/owners require in the agreement for streaming video to have DRM as mandatory.

DRM feature is not included in Standard pricing plans, it is billed additionally. Please contact to active this in your account.

DRM with AES-128 as a fallback

If DRM is enabled in your account, we suggest using this version. You can set this, to have a backup protection method. If the DRM is not supported by some browser or device or any other reason does not work the AES-128 protection will be applied for the stream.

Token for playback

We suggest using token for playback by default for paid content, VOD services. Token provides video playback protection for all supported streaming protocols, using a security token that is verified by the CDN. The token prevents copying playback URLs to another user. Multiple session parameters are encrypted in the token effectively preventing the fraudsters to watch the content on the devices where the session was originated and outside of the specified time slot.

Additional option Use token for sub-manifests and chunks protects all stream components, not only the main manifest. To use this option it is necessary for the player to supply the token received in the main manifest URL to the URLs of sub-manifests and chunks before retrieving the content.

The validity duration of the token should be set for the time of the expected length of the streaming session with possible pauses and buffering. A new token is generated on each initialization of the playback session when embed code is opened by the viewer.

You can predefine the following Protection settings in the Settings tab - Players section. You will be redirected to the Player presets tab in our new Videosher portal:

VPN/proxy detection and blocking

This feature is an additional check to IP address geolocation detection and prevents public VPN/proxy access to identify and block fraudulent access to streaming media, ensure compliance with licensing and regulatory mandates.

VPN/proxy user blocking feature is not included in Standard pricing plans, it is billed additionally. Please contact to activate this in your account.

Token for embed

This feature is to protect the embed code against re-embedding in conjunction with Restrict embed in Domains field. Every time an embed player is loaded for the end-user you need to generate a token thru the API.
The domain embedding restriction feature works quite fine alone for the general public, but skilful hackers can spoof the domain in the request referrer field.

After choosing this setting an option Only use for disallowed countries option will appear. This sets the token enforcement only for geo-blocked countries. Is used to allow content access for registered users outside of allowed regions, e.g. EU.
The token duration for embed code can be set quite short as it is verified only once when the embed code is opened.

Domain Whitelist

Control where your videos can be embedded by adding certain domain addresses.; 

For full protection use this setting together with Token for embed code.

IP Whitelist

This feature allows specific IP addresses to access the video, overriding other settings like Geoblocking and VPN/proxy detection. Enter the specific subnet and/or IP address you want to allow access.

IP Blacklist

This feature blocks specific IP addresses from accessing the video. Enter specific subnet and/or IP address you want to deny access.


Geoblocking allows adding countries in which playback is allowed. In Channels section you can schedule a time when a channel is not available in countries outside of the allowed list, during specified times and also set it to recur. Mainly necessary to define because of copyright and licensing rules from content owners. 

  • No labels