Conditional Access, Media & Entertainment Security
Riscure offers flexible Project Management in line with your objectives. Being accredited by the largest number of CA/DRM vendors means certification for multiple schemes can be delivered more effectively.
Your trusted security partner
As a market leader in content protection security, Riscure delivers a comprehensive set of solutions to help achieve a smooth certification process while meeting all necessary security requirements. Our lab delivers all necessary security checks, both required by the certification schemes and recommended according to the latest security guidelines. This includes, but is not limited to penetration testing, re-engineering, Side Channel Analysis or Fault Injection using laser, EM or a FIB. In addition to customized project, we offer our customers the following service packages:
Platform Chipset security evaluation
For chip-set manufacturers in the content protection market who would like to become accredited by CAS vendors such as NAGRA, Conax, Irdeto, Verimatrix and Viaccess-Orca, Riscure provides a comprehensive generic chipset security evaluation which is in-line with CAS vendor requirements. Our generic chipset security evaluation is a developer-centric in-depth security evaluation that is endorsed by multiple CAS vendors. The evaluation becomes a platform that enables a vendor to certify multiple related chipsets with a significantly reduced timeline.
One evaluation that is endorsed by multiple CAS vendors
Changes and adaptations to satisfy requirements can be easily attached to the main evaluation
Potential evaluation of multiple chipset families
Platform approach reduces time to market
End-to-end security evaluation for Operators and STB manufacturers
For Operators working with streaming devices , who would like to mitigate overall risk and potential impact of the device on the backend systems and business model, Riscure offers tailored expert security evaluation services. Assessment of risk for remote bricking, theft of services, upgrade without paying and reputational damage, among others. For STBMs who would like to provide assurance to operators and reduce risk and liability. There is no alternative on the content protection market that can deliver the years of experience and expertise in the security field.
Tailored for your specific security needs and devices
Evaluated with relevant market requirements in mind such as MovieLabs
Support during development reduces spending on security
Security of DRM and ChinaDRM
For developers of software based DRM solutions who would like to become accredited by existing schemes or demonstrate the security of the solution to content owners, Riscure provides PlayReady and ChinaDRM evaluations.
Riscure is a strategic partner of ChinaDRM Lab, the subdivision of the Academy of Broadcasting Science of China. Under this partnership framework, Riscure works closely with ChinaDRM Lab on establishing the ChinaDRM security evaluation scheme, advise on ChinaDRM security evaluation technologies, the evaluation process and tiered rating scheme of assurance level baseding on quantized security requirements. In this position, Riscure is committed to provide DRM solution providers, SoC (system-on-chip) vendors and terminal device manufacturers with security evaluation services which will cover ChinaDRM Robustness Rules.
Riscure has been accredited by Microsoft as a security test lab for evaluating PlayReady products against the applicable Compliance and Robustness Rules. All Microsoft PlayReady products must meet the applicable Compliance and Robustness Rules as specified in the PlayReady License Agreement(s). Microsoft has launched the SL3000 certification program for Intermediate Product Licensees to demonstrate compliance and robustness of their PlayReady products.
Riscure Assurance for Premium Content
Riscure Assurance for Premium Content is a security evaluation program specifically designed for Media technology vendors such as secure chip vendors and secure application vendors, to provide assurance to content owners and operators allowing those to decide about risks and liability on the basis of a trusted third party review. Developed by Riscure, it is the only comprehensive tool available that gives assurance from an independent market leader and is based on years of experience and hundreds of successful projects for the Premium Content market. Riscure Assurance for Premium Content specifically helps the industry by introducing the universal security assurance levels for a wide variety of components and software modules based on Trusted Execution Environment (TEE) technology. Learn more and request a quote.
Riscure Assurance for Premium Content offers:
- Respect for the unique industry requirements (watermarking, DRM, SMP)
- Perfect timing and flexibility through modularity (modular evaluation of available components)
- Publicity and privacy (you can share the assurance level without disclosing evaluation results)
- The most advanced attack methods (Side-channel, fault injection and logical attacks)
- Compatible with common certification programs
Ahead of technology and attacker capabilities
Pay TV is traditionally a frequent target for pirates to attack. At the same time, the security architecture of Pay TV operations is becoming increasingly complex, as new services such as Video-on-Demand and Catch-up TV are offered using IP, and Over-The-Top TV (OTT) lifts off. Riscure helps Pay TV operators, manufacturers and CA/DRM vendors that need to take informed business decision about piracy risks in order to maximize their revenue. Riscure Security Lab is the most trusted security service in the industry, delivering to-the-point security assessments and cutting edge knowledge about attacks. Our security targets include for example consumer devices (STB’s, smart phones, tablets, etc); chipsets inside these devices; hardware and software CA/DRM technology; and network security and availability. Our tests can be focused on any stage in the life cycle, from the initial design to the final deployment in the field.
Our approach implies that we continuously look for different, yet practical ways to break into the system. Therefore we spend significant time researching security technology trends and attacker capabilities. As part of that we contribute to security conferences and publish scientific papers. This knowledge also feeds back into our products and services in the form of cutting-edge attacks. For example, Riscure Security Lab can perform EM Fault Injection as part of our service.