This means having a hardware toot of trust protecting credentials such as keys from the rest of the system, in this case embedded in the TVkey chip, along with support for forensic watermarking. The latter enables indelible but effectively invisible marks to be inserted into the content at points of consumption so that the source of any subsequent illicit redistribution over the Internet or by other means can in principle be traced.

TVkey was originally launched at IBC 2016 by Nagra, which followed up at CES in January 2017 by opening it up to third party chipmakers. MStar then became the first chip maker to start making TVkey-compliant chips, making it more likely that other smart TV makers besides Samsung will incorporate the technology later this year or in 2018.

The package opened yet another chapter in the long running debate over the future of the set top box. While the TVkey appears to obviate the need for a set top, it also confirms once again that some form of external unit, in this case the dongle, is required to protect premium content and ensure a secure end-to-end path.

Samsung and Nagra present TVkey as a gain for consumers, pay TV operators and smart TV makers alike, by enabling premium channels including potentially UHD content to be delivered without a costly traditional set top. Consumers gain by being able to buy a smart TV and access a pay TV service almost immediately without having to subscribe to a traditional full package. The operator benefits by staying in the loop with smart TVs and not missing out on potential customers who otherwise might make do just with OTT packages from the likes of Netflix and Amazon. The smart TV makers win by being able to give customers a fast and less costly route to premium content, making their products more attractive.

The TVkey USB dongle can potentially be sold to existing smart TV owners as an add-on, or pre-packaged at the point of sale. Consumers can then insert TVkey into their Samsung TV USB port, register with a pay TV operator, and immediately start watching with full access to the EPG and applications. In the case of HD+, there is a promotional period during which buyers of compatible Samsung TV sets from participating dealers in Germany will receive the HD+ TVkey free of charge by registering on the HD+ website. This gives a free six-month HD+ subscription, which can then be converted into a regular subscription upon expiry.

The package supports the emerging model for content security in a connected world, based on the Trusted Execution Environment (TEE) founded on the hardware root of trust where key credentials are held. The TEE isolates the cryptographic environment where content decryption occurs from standard apps and services running in the CPE device, in this case a Samsung smart TV. The TEE is embedded on a device’s SoC and separates the platform into what is sometimes called the Normal World where the OS and most applications run, and the Secure World where special trusted applications and the cryptographic algorithms are executed. Most versions of the TEE, including Samsung’s, follow the standard developed by Global Platform, specifying an API designed to allow interoperability between platforms and for developers of trusted applications to follow.

There are still competing flavors of TEE at the moment and it remains work in progress, with some significant challenges currently being addressed. A major one is to provide a secure end-to-end path from content source to the TEE in the end device that replicates the traditional closed link with the set top box, equally resistant to piracy. This would enable secure downloads of updates and apps over the Internet to the TEE.

Meanwhile Samsung has stated that it wants to establish the TVkey framework based on Nagra’s root of trust as the de facto standard for accessing premium pay services directly on smart TV sets. Samsung and Nagra are creating a body to handle licensing of the TVkey technology, allowing access by third-party chipset, TV, dongle and even other content security vendors.