Skip to main content

[Service Notice] DRM license policy update for Widevine device revocation

hj youn
Updated

Dear PallyCon users,

 

Regarding the Widevine DRM License issuance policy of PallyCon Multi-DRM service, there will be a policy change for devices Google has withdrawn whose Widevine certification.

Google is in the process of revocation of Widevine certification for devices that have found security vulnerabilities and can no longer update OS/firmware. 

Those Android devices are basically restricted from getting Widevine Licenses, while license issuance and Widevine DRM contents playback can be enabled when the [override device revocation] option is set to true.

 

PallyCon Multi-DRM service has set the default value of the policy as true to prevent the sudden service outage of the devices. However, to strengthen the security of your service regarding Widevine DRM, the default policy will be changed to false from May 24, 2022 (Tuesday).

The revoked Android devices cannot get Widevine license after the due date unless you change the policy in DRM license request.

 

● Date of the update
  - Tuesday, May 24, 2022 (KST)

● Changes
  - The default policy of overriding Widevine revocation will become false. (does not allow license issuance)

 

Please check the below QnA for further details.

  • Q: After the default policy has been changed, what happens when playback (license issuance) is attempted with a revoked Android device?
    A: Widevine license issuance will fail with one of the two error codes below.
     - 7110 error: The device is revoked but it can be overridden by changing the policy in license token. 
     - 7115 error: The device is permanently revoked, so overriding is not possible.

  • Q: Is it possible to keep supporting the revoked Android devices after the policy update?
    A: You can allow license issuance to the devices according to the token's security policy setting. (For devices that receive error code 7110)
      If you are currently using the token type DRM integration, you can keep supporting the devices by setting the "override_device_revocation" policy to true.
      If you are using the callback method or the license token v1.0 specification, you must switch to the [license token v2.0] specification to use the "override_device_revocation" option.
      You can check the corresponding token specifications in detail at the link below.
       - License policy JSON data (v2.0)_security_policy.widevine
       https://pallycon.com/docs/en/multidrm/license/license-token/#security_policywidevine
  • Q: Will PlayReady and FairPlay DRM be affected?
    A: This policy change only applies to Android devices with Widevine DRM, and does not affect devices with PlayReady or FairPlay DRM.

The update schedule is subject to change depending on circumstances, in which case a separate notice will be posted.
If you have questions regarding this guide, please contact us through the Helpdesk.

 

Thank you for using PallyCon service.

Was this article helpful?

0 out of 0 found this helpful
Return to top

Related articles