Player Security

Project Status:

(roll over for info)


The project has been completed.


August 4, 2020

Estimated Completion:

December 14, 2021

Problem Statement

The project will describe components of a video player, its role in the IP video streaming ecosystem, the vulnerability points of the player and the best practices to better secure a player. The output will be a white paper.

Project Description

Player security came up as an important component to address during the working sessions for the last paper (Securing Video Streaming). In addition, SVA members voted this topic as the next topic of interests to explore. To secure IP video streaming, the entire content delivery to the end device needs to be as secure as possible. And often, the end device/video/media player is overlooked. Several members from the working group (Irdeto, FMTS, Nagra and Synamedia) agreed that player security needs to be better understood so that it is not the weakest link in the IP video delivery ecosystem. The hope is the project will provide better understanding of the role of a video/media player and best practices that will help improve security of a player. It may also help point out areas of the player that may need more attention from the industry to improve security.

Project Type


Project Leads


Goals and Objectives

The objectives of this document are:
  • Provide an understanding of the functions of a video player in the IP video streaming ecosystem through the interactions of the different components.
  • Identify the vulnerability points of a video player and share known security exploit today.
  • Share best practices to improve security of the player.

Project Scope

This document provides:
  • An overview of a video player and the interaction with the IP video streaming ecosystem.
  • Considerations when choosing a video player.
  • Best practices for securing each of the functions of a video player.
  This document does not provide:
  • Recommendations about a specific video player vendor as the video player.
  • Policies for responding when security breach occurs at the video player and result in unauthorized content leakage and/or distribution.
  • Comprehensive security exploits at the player.


The following members have contributed to this project. Click on their name to visit their profile. If they have not published their profile, the link will redirect to their LinkedIn profile.

Additional References

There are no additional references or other required readings need to participate in this project.


The following presentations delivered during Privacy and Protection working group sessions may provide additional information about this project.