The Farncombe Security® Watermark Implementation Review
Overview
In addition to testing the robustness of a watermarking solution, Cartesian also reviews the security of its end-to-end implementation. An assessment of the end-to-end implementation is crucial because even with a robust watermarking technology, an insecure implementation can render it completely ineffective.
Our Approach
Cartesian’s Farncombe Security® Watermarking Implementation Reviews are a variant of the Farncombe Security® Audits, specifically targeted to end-to-end watermarking implementations.
These reviews can apply to both client-side and server-side watermarking solutions, and are aimed at either:
- Video service providers, who want to make sure that the watermarking solution they have deployed has been implemented on their platform in a secure way, and will not be easily circumvented by attackers, or
- Watermarking solution vendors, who want to improve the security of their product’s design, or want an independent and impartial 3rd party to testify to this security, which complements our Watermark Robustness Testing.
The deliverable is a report detailing strengths and weaknesses identified, analyzing threats, attributing a security score in different areas, and listing a set of actionable recommendations for improving the system’s security.
Farncombe Security® Watermark Implementation Review Coverage
Cartesian review the security of both client-side and server-side watermarking solutions. We verify how the solution is protected against attempts to, for example, deactivate the watermarking process, modify the marked identifiers, or break the traceability chain. This includes for example:
- End-to-end system design
- Integration within the head-end
- Security of the production environment
- Hosting and IT security
- Interfaces and remote command mechanisms
- Device/user/session identification
- Security of the traceability chain from ID to user
- Cryptography used and provisioning of secrets
- Segregation of secrets across customers
- A/B sequence implementation and resistance to tampering (for session-based solutions)
- Integration within clients and video path (for client-side solutions)
- TEE usage, obfuscation and white-box cryptography (for client-side solutions)
The Farncombe Security® Shield Mark Program
Upon completion of a Farncombe Security® Watermark Implementation Review, businesses may choose to display the Farncombe Security® Shield Mark on their website and publicity materials. Displaying the Shield Mark indicates that a report is available from the auditee upon request.
Why Cartesian?
Unbiased and independent Review, recognized and trusted by the Hollywood studios.
Unique Farncombe Security® reference brand, associated with the security of digital contents for more than 30 years.
Unique in-depth review exclusively focused on the implementation of watermarking solutions.
Fit-to-purpose review method and scope, adapted pragmatically to every specific case.
A complement to our Farncombe Security® Watermark Robustness Testing.
Renowned Farncombe Security® Shield Mark.
Case Studies
Get in touch
Need security support or advice?