Omdia’s report recognizes apps as an avenue for piracy, as premium video and game play have migrated online and gone social. It describes three core categories of app protection: code obfuscation, jailbreak detection and anti-tampering. Extended protective functionality includes the protection of cryptographic keys.
After applying 12 evaluation criteria, the report identifies three leaders: Digital.ai (technologies formerly from Arxan, CollabNet Version One and Xebia Labs), Irdeto Trusted Software (Denuvo and the former Cloakware) and Verimatrix (Code Shield, App Shield and Key Shield); with Verimatrix receiving the highest numerical ranking. It identifies INKA Entworks (AppShielding), Synamedia (OTT ServiceGuard) and Zimperium as challengers. Zimperium acquired whiteCryption technology from Intertrust earlier in 2021.
Use-cases for app shielding defined by Omdia include:
- Protection from reverse engineering
- Protection of media application licensing
- Protection of content against rooted or jailbroken
- Anti-cheat protection for games
App shielding features include:
- Code obfuscation
- Root/jailbreak detection
- White-box cryptography
- Detecting fraudulent API calls and responses
- Detection of debuggers
- Detection of emulation
While much of the piracy discussion focuses on television, sports and cinematic movie programming, the report reminds us that hacked and fraudulent apps can also attack mobile gaming by changing game rules and exploit in-game micro-transactions. According to Omdia, mobile gaming represented almost three-fourths of global app store revenue in 2020.
Read the report (PDF): “Omdia Market Radar: Media and Entertainment Application Shielding”
Piracy Monitor comment
Omdia’s evaluation also recognizes that some of these vendors have more extensive media security solutions ecosystems than others. Irdeto, Synamedia and Verimatrix all have long histories in protecting pay TV, and those pay TV customers can leverage existing relationships. Zimperium, Digital.ai and INKA Entworks, on the other hand, are better characterized as ‘ingredient’ suppliers, aimed more toward online delivery, key management, service authentication, device protection – and to markets outside of the media and entertainment vertical.
Why it matters
App security is a far-reaching concern, touching all six of Piracy Monitor’s categories of piracy. These are the theft of services and content – by capturing keys. Fraudulent apps can be a pipeline for legitimate advertising; a waste of an advertiser’s budget. If an ad is associated with a malware attack facilitated by a fraudulent app, the reputations of both the advertiser and the app provider can be damaged.
Personal information – “the theft of you” – stolen through a hacked or counterfeit app can also result in damage to consumers financially. Indirectly, a video provider’s infrastructure is impacted: it takes network capacity to carry fraudulent content.
The report was sponsored by Verimatrix. While Irdeto, Verimatrix and Synamedia are sponsoring supporters of Piracy Monitor, opinions expressed by or about these companies in Piracy Monitor do not represent endorsements.