OATC Documents
OATC Documents
The SVTA absorbed the Open Authentication Technology Committee (OATC) in 2023. Part of that was committing to making their documents available. You can also find information about the organization on their OATC microsite.
Showing all 8 results
-
$0.00The OATC Authentication Conversion Funnel for Content Programmer’s Apps and Sites Recommended Practice document serves to define a set of metrics and funnel steps for the authentication process as it pertains to a Content Programmer’s TV-Everywhere sites and apps. Subsequent goals include adding representative data to each of the steps to better understand where the biggest problems are and to create a set of reference implementation guidelines. The current document focuses on the Authentication funnel for users who actually have to login on the MVPD page – so the username and password based authentication (first time or not). This means ignoring second screen authentication use cases (e.g. Xbox360) and Social ID use cases. Authorization is also not handled in this version of the document. These additional cases will be covered in a future version of the document.
(Downloads - 1)
Quick View -
$0.00
The OATC Home-based Authentication (HBA) Recommended Practice document examines the various use cases involved in HBA implementations. The document enumerates the trivial to complex scenarios facing distributors, while stopping short of specific solution details. The goal of the document is to aid distributors in clearly identifying their situation and providing recommendations on multiple paths forward. The document considers the complications added to basic HBA by features such as sub-accounts and parental controls, and offers varied approaches based on the respective capabilities of content providers and distributors. With HBA’s potential to remove impediments to user access of TV Everywhere content, this document strives to evangelize the concept and aid the development process.
(Downloads - 1)
Quick View -
$0.00
The OATC Error Messaging for TV Everywhere Authentication and Authorization Recommended Practice document serves to define baseline error messaging for TV Everywhere authentication and authorization with the end goal of presenting clear and consistent error messaging to users with the larger objective to improving overall user experience. The initial draft of this document focuses solely on identifying the error conditions and error messaging displayed to users when they try to access content on TV Programmer websites in a web browser.
(Downloads - 0)
Quick View -
$0.00
Home-based authentication (HBA) is a TV Everywhere feature aimed at reducing sign-in friction by removing the need for users to manually enter credentials while they are in their homes. This document from the OATC Usability Working Group, a subcommittee consisting of both content providers and distributors, outlines the guidelines for creating the best HBA user experience on programmers’ and distributors’ Web and mobile TVE properties.
(Downloads - 1)
Quick View -
$0.00
The OATC Metadata Feed Recommended Practice document serves as a recommendation for content providers (“Providers”) and content distributors (“Distributors”) who have a need to exchange data to describe their content and detail how it can be used and further distributed. Adherence to these practices allows implementation of a single data package and could eliminate the need to code provider-specific (or distributor-specific) interfaces. This, in turn, simplifies the content exchange and helps to ensure that metadata is of a consistent quality and delivered in a timely manner. The Metadata Feed Recommended Practice recommends a method for exchange of content metadata between providers and distributors. It is not intended, not is it likely appropriate, to provide a data source for use directly by the end consumer of the content. The delivery of subscription content metadata normally occurs in one of two ways. Method 1 involves the static delivery of a metadata “sidecar” file alongside the audio/video content. Method 2 entails the provision of metadata via an XML document delivered by a web service, generally referred to as a “Metadata Feed”. Under this feed concept a distributor would be expected to call the web service periodically to learn of newly available content or changes to existing content. The refresh rate is subject to agreement between the content provider and the distributor, but it is encouraged that the data be refreshed on a two to four hour basis in order to facilitate quick and effective content takedowns when such a need arises. A Metadata Feed describes all of the distributable content available to a distributor at the time of the request, and for a pre-determined window afterwards. For example, a provider may stipulate that the feed includes all content scheduled to be (or to become) available at any time during the following eight hours. The actual time at which the content becomes visible to consumers is driven by data within the feed itself. The Metadata Feed specifies the provider that is offering the content data along with a collection of “TVE Items”. Each TVE Item contains all relevant data for a particular program or content item. Data for a given TVE Item may change from one update to the next, so distributors are expected to parse the entire feed and apply changes to their own data stores as such changes occur. To assist with this process, each Metadata Feed contains a time stamp that indicates when the data was sent. This time stamp is an ever increasing value useful for comparison.
(Downloads - 0)
Quick View -
$0.00
OATC standards secure back-end data exchanges between content websites/applications and MVPD billing and authentication systems that preserve consumer anonymity and privacy. In addition, the standards define the architecture, protocols and data formats needed to build and deploy interoperable systems that authorize access by consumers. The OATC OMAP specification is a voluntary open standard that provides MVPDs and programmers with consistent technology guidelines for verification service systems that make customers’ subscription content available online across a variety of Internet-based platforms. Multimedia content publishers and distributors are expanding their reach beyond traditional outlets to include a broad range of Internet connected devices, enabling greater consumer access, choice and convenience. Extending subscription and related business models to provide consumer access to media content over the Internet requires new methods of securely authorizing users, their devices and client software. Consumers want these methods to provide a simple and consistent experience, avoiding unfamiliar, intrusive or frequent logins which could discourage usage and broad adoption. They should enable sites and applications to provide customized search results, navigation and personalization while ensuring that the consumer’s identity and privacy are adequately protected. For technology vendors and third-party service providers these methods must provide interoperability, enabling them to develop value-added services and commercial solutions that can be used across the entire TV ecosystem on the Internet. This specification addresses Authorization – the process of granting or denying access to a network resource, e.g. protected media content. It defines the architecture, protocols and data formats needed to build and deploy interoperable systems that authorize access to protected media content on any Internet-connected device. User Authentication, which validates the consumer’s identity, is out of scope. Various authentication methods, such as SAML 2.0, may be used as needed in conjunction with this specification This specification is compliant with the OAuth 2.0 protocol. OAuth 2.0 provides support for both browser and native applications, is natively RESTful with strong developer framework support, and has broad and growing industry adoption. The OAuth 2.0 specification uses JSON data structures. JSON (JavaScript Object Notation) is a lightweight, text-based, data interchange format for the portable representation of structured data. This specification uses additional JSON based specifications for web tokens, encryption and digital signatures.
(Downloads - 0)
Quick View -
$0.00
The Social Login for MVPDs Recommendation Practice provides baseline recommendations on how MVPDs can leverage Social Networks such a Facebook, Twitter, Google, Yahoo to improve the TV Everywhere user experience.
(Downloads - 0)
Quick View -
$0.00
The purpose of this document is to outline the OATC-endorsed Usability Recommendations for the TV Everywhere authentication experience. This document represents an initial set of recommendations based on Usability Testing that was conducted by the OATC in April 2014. This set of OATC TVE Usability Guidelines are aligned with CTAM’s TVE Usability Recommendations and extend them in some areas.
(Downloads - 0)
Quick View
