Android TV: security, a new challenge for PayTV operators

In March 2019, an Indian user tweeted that he’d discovered a bug that indicated Google had failed to protect the privacy of users. It was determined that a flaw with Android TV created a serious vulnerability that potentially exposed users’ Google Photos. At the same time, Android TV announced that 130+ operators were using Android TV Operator Tier ATOT, and journalists insisted “Android is winning !“, “The momentum for Android TV – driven by content, apps and by the shortened time-to-market – appears unstoppable.”, “There is no viable competing platform.” In light of the serious security concerns that come with such a breach, is it possible to take these headlines seriously? And how can new platforms learn from the mistakes of Android TV to offer a significantly more secure solution for operators and consumers? Reflecting on the mistakes of Android TV, ONTV has developed a new hybrid solution that is the most secure and cost-efficient on the market.

Operator Implications

Beyond the apparent market consensus in favour of Android TV, it’s important to understand the impact of a security breach for PayTV operators. This kind of failure has implications for their own business viability and is in many ways more significant than for a retail provider of electronic devices like OTT Android boxes and smartTV.

Understanding the Threat

As explained by Frank Poppelsdorft, VP of Product Management for Irdeto, “The nature of open platforms does mean there are inherent security risks that must be addressed by operators.” These include content piracy (as with the Kodi app), STBs that are reloaded and repurposed with unauthorised software and sideloading of malicious apps. Any of these threats represent potential lost revenue, STB investment decline, as well as compromising brand, data or platform credibility. On this point, Pierre-Alexandre Bidard, VP with Viaccess-Orca insists that security is a central issue for operators, not just to protect content, but also, “because the STB can become a weapon”, if used to launch Dedicated Denial of Service (DDoS) attacks on other organisations. All of these concerns will play a significant role in terms of the implementation and management of devices, even as Google makes a more concerted effort in regularly reinforcing security measures with monthly updates and regular monitoring of the OS.

Open to Attack

Riscure is a globally recognised security lab that provides services, tools and diagnostics. Their white paper, Premium Content Delivery on Android: How to Guard an Open Platform, summarise the situation, “The Android platform gives the user a variety of options to interface with the device. Even though this gives the user more freedom, it also gives the user the ability to repurpose the device. Additionally, it widens the attack surface immensely, compared to traditional STBs. Since Android is open-source, everything an attacker needs to know can be found online.”

Operator Vulnerabilities

Riscure also carefully explain the many unknown risks for PayTV operators that come with using a standard STB. Android TV can easily repurpose the STB, making the device capable of denial of service attacks. Denial of service attacks prevent the user from watching content and, in particularly damaging attacks, are performed against a provider or a specific element of its infrastructure. In some cases, the only solution to an attack is to replace infected STBs. Meanwhile, malware like Loapi and BadLepricon can also repurpose Android TV, making it part of the cryptocurrency ecosystem. This serves to reduce both the performance and lifetime of the STB, necessitating equipment replacement and repair.

Browser Liability

Thanks to an internet connection and embedded browser, a device can be vulnerable to remote attackers. Malware embedded in a web page can steal CPU time, exploiting the entire system or repurposing it by installing ransomware like SLocker. Malicious advertising may not necessarily be under the control of a content provider and can be difficult to resolve.

A Threat for Data

Android TV stores a wealth of data, including usernames, passwords, email addresses and credit card information. To properly protect this data, complex mechanisms like anti-tampering and anti-debugging, code obfuscation and hardware cryptographic engines are necessary. Maintaining deep control of updates and ensuring only approved updates can be installed can help protect users. However, attackers can use the change log that accompanies each Android TV update to develop a new attack and gain remote code execution on any device that has not yet received a patch. The result of these vulnerabilities is that serious validation, evaluation and monitoring of the STB is necessary before and after deployment. Time to market will be significantly increased, as will opex and maintenance costs creating a serious disadvantage for PayTV operators.

A Better Way

Faced with these kinds of threats, ONTV is the most secure hybrid solution on the market. It comes with high-level UX and low surface for attack given that it operates without a browser. ONTV is a proprietary solution built on a trusted hardware chain and trusted execution environment (TEE) making it a secure and reliable choice for operators. Every piece of hardware equipment that is capable of playing content is fully identified by a secured chipset or a key stored in a trusted zone. Communication between the Smartphone and STB is secured by a patented protocol.

The Simplest Solution

The simplified software architecture of ONTV offers a streaming feature without the need for a web browser within the STB and with restricted applications. This hugely reduces the surface for attack making it a simpler and more secure alternative to Android TV. ONTV by its very nature is a secure platform and much more impervious to malware, spyware or virus threats than any open solution currently on the market like Android TV with its complex middleware. ONTV benefits from a close partnership with CA and DRM vendors to offer new watermarking solutions, essential for operators looking to eliminate piracy. It’s easy to manage content security without worrying about potential back doors to the ONTV. Simple solutions really do make for the most secure solutions.

Other articles you might like