Straight to the heart of the content with TV Everywhere

Verifying that the user has paid for the content they access is essential in new business models. Tom Abbott, Developer Evangelist at Brightcove, offers in this Tribune some keys related to fundamental aspects in TV Everywhere such as authentication.

TV Everywhere is quite a discovery. It allows you to watch television when you want, but controlling the content to allow you to see only those for which you have paid. If customers didn't pay there wouldn't be great programming to watch. In fact, taking a look at my favorite TV apps on the iPad, the ones I use the most are the ones that have TV Everywhere authentication.

One of the key issues is that to achieve TV Everywhere solutions you have to make sure that everything is in the right place. Let's look at the structure and authentication of the platform that makes TV Everywhere possible.

TV Everywhere, simply put, is a verification system that allows content providers to ensure that the user has paid for that content. For example, suppose we have a television channel called TomTV that broadcasts for Android devices. It is difficult to know if the user has paid for the content on my website www.tom.tv (this information is not obtained by TomTV but by the cable provider). This is the problem that authentication in TV Everywhere tries to solve.

In security, this is often called federated authentication or trusted authentication. Federated authentication is intended for one-time identification methods, which is very convenient for the user. This is done by establishing security and trust protocols between the different systems. As web/mobile users, we experience this every time we log into Facebook to use a non-Facebook service. Facebook is trusted to do the user authentication.

Como propietario de TomTV, necesito confiar en un proveedor de cable para autentificar y autorizar a un usuario a ver mis contenidos. Hay una amplia variedad de tecnologías que posibilitan la autentificación (OAuth, Open ID y SAML). Y a un nivel superior ya hay soluciones que han implementado estas tecnologías y tienen protocolos para potenciar sus sistemas. Dos de los principales sistemas de autentificación de TV Everywhere son Adobe Pass y Sola Vision Identity Services de Akamai.

Both Adobe Pass and Akamai Identity Services offer multichannel video programming distributors (MVPDs) the ability to register as user authentication providers. These providers can be used to authenticate and authorize users. This is vitally important for TV Everywhere authentication, because it allows users to authenticate to a wide range of sites (such as Comcast, Verizon, or Dish Network).

That said, the common process for authentication on TV Everywhere would be as follows:

The user accesses a web page to view a catalog of available videos. Some may require authorization, others may not.
If the user clicks on a video that requires authorization, a dialog box opens showing the common MPVD for the user to choose where to authenticate.
When the user selects their MVPD they are redirected to a login credentials access page.
If the user can authenticate, they are redirected to the page of the video they wanted to watch.
When you select a video that requires authorization again, the communication is done in the background. A token is obtained with a declaration by the system that the user can play the video and requires verification by the server hosting the content. The entire process is transparent for the end user.
If the token can be verified, the user will be able to play the video.