View
1
Download
0
Category
Preview:
Citation preview
Hijacked Residential IPs – A New Piracy Threat for Sports Leagues, OTTs and RightsholdersHow to stop the COVID-19 related surge in VPN/DNS proxy based content piracy
WHITE PAPER
White Paper | 2
Executive SummaryDuring COVID-19 there has been minimal fan attendance at sporting events, so the
revenue generated from live sports broadcasts has become more important than ever.
This white paper provides insights on how sports rightsholders and over-the-top (OTT)
broadcasters can safeguard this vital revenue stream, which is being threatened by VPN
providers aggressively marketing their products to promote wide-spread geo-piracy.
It also details how millions of users who downloaded “free” VPN software have
unwittingly had their residential IPs hijacked and then “leased” to other VPNs who sell
them as a premium option to enable users to bypass existing VPN detection using
“undetectable” IPs.
The white paper explains the tools and techniques that sports rightsholders and OTT
broadcasters can use to combat both conventional VPNs as well as the new threat
caused by hijacked residential IPs, including solutions integrated at the content delivery
network (CDN) level.
Table of ContentsExecutive Summary 2
Geo-Piracy: a Major Risk for OTT Sports Broadcasters and Rightsholders 3
Geo-Piracy Undermines Territorial Business Model 4
Don’t OTT Broadcasters Already Check End-User Location? 5
Hijacked Residential IPs – A New Threat to Broadcasters and Rightsholders 6
Solving the Residential IP Problem 7
VPN and DNS Proxy Providers Know What Customers Want to Watch 8
Stopping VPN-Based Geo-Piracy Safeguards Revenue 9
How GeoGuard Can Help 9
White Paper | 3
Geo-Piracy: a Major Risk for OTT Sports Broadcasters and RightsholdersWith minimal or no fans at sporting events due to the
pandemic, comes a dramatic increase in the use of live sports
streaming services. This situation has also led to a huge surge
in the use of VPNs and DNS Proxies to access geographically
restricted live sports content. As more people are staying
home, VPN and DNS Proxies providers are using the pandemic
to aggressively market their location spoofing products.
For OTT sports broadcasters, content leakage and geo-piracy
via VPNs and DNS Proxies puts them at potential breach of
their territorially-based content distribution contracts with
rightsholders, and undermines their existing pricing strategies.
For rightsholders, geo-piracy erodes the value of their content,
putting the ongoing economic viability of their operations at
risk.
Because OTT access is multiplatform, protection needs to
be applied evenly, ideally at the CDN level, across all popular
digital touchpoints. Additionally, GeoGuard has identified at
least six major VPN and DNS Proxy providers using hijacked
residential IP addresses to circumvent traditional VPN
detection.
GeoGuard provides a suite of geo-filtering and fraud detection
solutions, combined with human intelligence, to stop internet
users from spoofing their location. Our solutions are already in
use by some of the world’s leading broadcasters, rightsholders
and OTTs and are integrated at the CDN level on both Akamai
and AWS CloudFront, as well as many other platforms.
Contact us at solutions@geoguard.com for more
information.
White Paper | 4
Geo-Piracy Undermines Territorial Business ModelMinimal or no fans at sporting events during the pandemic means more demand
for live sports content over the internet. This has led to an increase in the use of
streaming services and in the use of VPNs and DNS Proxies for users to spoof their
IP address in order to access geo-restricted content.
In addition to the illegal piracy aspect of this activity, the growth in geo-piracy via
VPNs and DNS Proxies undermines the territorial business model that sports
leagues, content owners, sports rightsholders and premium OTT broadcasters rely
on for revenue.
The effects of geo-piracy can be seen in the 2020 case of BeIN Sport, a Qatar-based
sports network, when they classified Serie A’s football matches as non-exclusive
content because of rampant piracy.
Its chief executive, Yousef Al-Obaidl, told the live sports streaming ecosystem if
rightsholders don’t do everything they can to protect their content from piracy, then
he’s either not going to bid for those rights or will price them lower accordingly.
The price of the piracy for Serie A translated into approximately $200 million
dollars, which is the estimated amount that Serie A refunded to BeIN.
The Risk Posed to Rightsholders by VPNs/DNS Proxies:
White Paper | 5
Don’t OTT Broadcasters Already Check End-User Location?Geolocation checking based on a users’ IP addresses is currently the most popular method among OTT broadcasters.
However, due to a lack of commonly applied standards, often the geo-fencing techniques used are undermined by:
Virtual Private Networks (VPNs)
A tool used to add security and privacy to
private and public networks in order to
mask the user’s IP address. Thousands of
sites offer easy to use, one time setup VPN
services that will allow the user to hide their
location. VPNs are increasingly popular.
Plus, due to VPN-blocking attempts, they
now even offer residential IP addresses to
bypass existing detection methods.
DNS Proxies
Enable a computer or mobile device to
access region-restricted or blocked content
from anywhere in the world. A connection
between the consumer and the site serving
restricted content is established through a
proxy server located within the approved
areas for accessing the content.
Plus, it’s easy for consumers to bypass IP address checking. Common methods include:
Using no or poor
quality VPN/DNS
Proxy detection.
Failure on the part of
the OTT broadcaster
to integrate properly
(or at all) at the CDN
level with their geo-
fencing vendors.
Failure to
differentiate between
mobile and fixed
Internet connections.
Failure on the part of the
OTT broadcaster to share
traffic data or collaborate
with their VPN/Proxy
detection vendor to block
the most popular VPNs
and Proxies.
1 2 3 4
White Paper | 6
Hijacked Residential IPs – A New Threat to Broadcasters and RightsholdersTo circumvent geographical restrictions on content, users have been downloading
“free” VPN software. However, these “free” VPN providers, such as HolaVPN and
SmartProxy, essentially “hijack” the residential IP address of the people who
download the free software (through a complicated terms of service agreement)
and then sell (or “sublease”) these residential IPs to other service providers.
These service providers in turn sell these residential IP to users as “undetectable” or
premium IP addresses in order to bypass traditional VPN detection, which can only
detect the data center IPs used by VPN/DNS Proxy providers.
Examples of “Free” VPN Providers Selling Residential IPs
HolaVPN
Over 130 million users of their VPN services; their Chrome browser extension alone has almost 9 million weekly users
SmartProxy
40 million residential IP addresses
Luminati
72 million residential IP addresses
Oxylabs
70 million residential IP addresses
White Paper | 7
By integrating VPN detection at the CDN level, this switch can be easily detected and the illegal stream stopped.
Did You Know?
GeoGuard is integrated with industry-leading CDNs
GeoGuard’s advanced, continuously updated VPN and
DNS Proxy detection solution is now integrated directly
with some of the world’s largest CDN providers, including
Akamai and AWS CloudFront, making it even easier to
combat geolocation fraud and content piracy. This CDN
strategy provides rightsholders and content owners with
the highest level of protection from geo-piracy caused by
both standard data center IPs and residential IPs.
If you’re utilizing Akamai, AWS CloudFront or any other
CDN, please contact us at solutions@geoguard.com for
more information.
Buy Now
Learn More
Solving the Residential IP ProblemResidential IP addresses are expensive to use for the actual delivery of the streaming video content, so they are only
employed at the website level to grant users access to the content. When the actual stream starts, the VPN provider
switches to a cheaper, non residential IP (a data center IP) at the CDN level.
White Paper | 8
VPN and DNS Proxy Providers Know What Customers Want to WatchGeoGuard actively tracks the most popular and active spoofing services (over 1,000 of
them and counting). These companies market themselves aggressively, often targeting
specific sports content or an OTT broadcaster it knows consumers are looking to watch.
For instance, they offer step-by-step guides on how their product can be used to access
major sporting leagues’ streaming content at drastically lower costs.
Geolocation performed by using the end-user’s IP address.
Use Case: A sports fan in the United Kingdom wishes to watch English Premier League football matches without paying for a domestic Pay-TV subscription. While doing some online research, the sports fan comes across a foreign free-to-air OTT broadcaster which shows the same games in English. However, the website cross-references the fan’s IP address against a standard IP location database, detects that it comes from another country and displays an error message stating their location is outside the broadcast territory.
The fan does some additional research and finds several VPN providers detailing ways to circumvent the restrictions. After signing up for a VPN subscription and installing a small piece of software, the fan can set their IP address to be inside the foreign broadcaster’s territory. After revisiting the free-to-air website, it fails to detect the IP address as one that has been used for the last three months by the VPN provider and grants full access to watch the games.
Solution: When the fan visits the OTT broadcaster website via a VPN, their IP address is screened against a highly accurate and up-to-date database of known IP addresses used by IP anonymizing services - a database that is updated several times a day. The IP address is recognized as one belonging to a known data center which hosts VPN connections. An error message is displayed informing the fan that the IP address is outside the broadcast territory.
Scenario 1 – IP-based Geolocation
Geolocation performed by using functionality available at the CDN level.
Use Case: A German consumer wants to watch the latest local football matches. The consumer is aware of a cheap streaming service which broadcasts them across a number of Latin American countries. Using a computer connected to the internet via Wi-Fi, the consumer visits the relevant site in order to sign up to the service.
Upon launching, the site queries the user’s IP location and informs them that the Wi-Fi connection is located in Frankfurt, Germany, not in any part of Latin America. However, the consumer anticipated that this could happen, so they activate their premium VPN that employs residential IPs to get access to the website. Once on the site, they select the stream for the match they want to watch.
Solution: Residential IPs are expensive, so they are only employed at the website level to grant users access to the content. Once the actual video starts streaming, the VPN or DNS Proxy provider switches to a cheaper non-residential IP address (a data center IP). By integrating a solution at the CDN level, this switch can be detected by the CDN to stop the stream.
Scenario 2 – CDN-level protection
Example Scenarios
!
Stopping VPN-Based Geo-Piracy Safeguards RevenueBecause sports content varies considerably in price
between domestic and foreign markets, broadcasters
need to implement a high standard of end-user location
verification to remain compliant with rightsholders’
requirements. To protect their business and pricing
models, they must ensure that their geolocation
solution is effective and approved by the relevant sports
rightsholders.
With less or no fans in the seats for sporting events,
it is critical for sports rightsholders and OTT sports
broadcasters to ensure they are gaining the maximum
revenue from their live sports broadcasts and safeguard
the value of this content for their international OTT
providers, who bid for exclusive broadcast rights. As
we have seen, if rightsholders are not doing everything
in their power to protect their content from piracy, the
value of their content will decline.
The pandemic has seen a surge in all forms of piracy
as users seek ways to illegally access content. It may
seem a daunting task to address piracy in its entirety,
but fortunately geopiracy and geolocation fraud caused
by VPNs and DNS Proxies is one area that can be easily
tackled through the use of the integrated solution that is
offered by GeoGuard.
At GeoGuard, we focus solely on geolocation-based
security and protection of digital content. As the only
independently rated market leader for protection
against VPNs and DNS Proxies and a Hollywood
Studio Approved solution, we help the digital media
ecosystem and other industries guard against
geopiracy and location-based fraud.
GeoGuard’s industry leading VPN/DNS Proxy detection
solution is continuously updated and fully integrated at
the CDN level with Akamai, AWS CloudFront and others
to provide fast and easy access to our award-winning
technology. This enables online broadcasters to
utilize GeoGuard’s solutions to remain compliant with
studios’ and sports rightsholders’ content protection
obligations.
Our detection solution is updated multiple times per
day and can distinguish between mobile and fixed IPs,
residential IPs (via CDN) and IPv6 addresses. GeoGuard
has been independently tested and rated as 97.5%
effective in detecting and blocking VPNs by Kingsmead
Security.
Contact us to learn more at solutions@geoguard.com
GeoGuard is also available through Akamai and AWS Marketplace
How GeoGuard Can Help
Recommended