Why can’t I watch Netflix in Ultra HD on my Chrome browser?
The reason is about the security level of DRM and screen recording issue.
After the era of HD (720p) and Full HD (1080p), we now live in a world where Ultra HD (4K) quality content is commonplace. With Netflix Premium Plan, you can enjoy Netflix UHD videos on your TV, PC, or mobile device that supports UHD specification.
However, even if you have a monitor that supports UHD resolution and 60 Hz playback, an HDMI cable that supports HDCP 2.2, and a PC with the latest specifications, you can not watch Netflix video in UHD quality if you use a Chrome browser. (Ref. 1)
In PC environments, UHD resolution is supported only in Netflix UWP app or Edge browser of Windows 10 even if hardware requirements as demanded above are prepared. So why not support more popular browsers like Chrome or Firefox?
The reason is related to DRM technology.
The security level of DRM
Content services such as Netflix use DRM technology to prevent illegal use and distribution of their content.
As I wrote in the above post, content service providers use multi-DRM technology to support various client devices and browsers. However, depending on the client’s environment, the security level of each DRM may vary.
- Hardware-level DRM: The DRM module that performs content decryption is protected by hardware-level security technology. So the decrypted content for playback is securely protected from external processes such as screen capture or hacking tools.
- Software-level DRM: The DRM processing module is implemented only in software. So the decrypted content may be exposed to external processes.
Hardware DRM support according to the client environment of DRM (PlayReady, Widevine, FairPlay) which constitute multi DRM is as follows.
- PlayReady: In a PC environment, certain hardware / software requirements must be met to support hardware DRM. It is also supported on some smart TV or OTT devices. (Ref. 2)
- Widevine: Hardware DRM is supported only on devices that have Widevine Security Level 1 (L1). (Depending on each model of mobile, OTT device, smart TV, etc.)
- FairPlay Streaming: Hardware-level DRM applies to all supported devices (iPhone, iPad, Mac, Apple TV).
In order to use Netflix UHD content on a Windows PC, all of the following requirements must be satisfied.
- Hardware: an Intel CPU after 7th generation(Kaby Lake), Nvidia GTX 1060 or later GPU, UHD resolution and 60Hz refresh rate monitor, HDCP 2.2 supported HDMI cable
- Software: Windows 10 Anniversary update or later (latest version recommended), Edge browser or Universal Windows Platform (UWP) application
To find out if your Windows PC environment supports PlayReady 3.0 hardware DRM, click the ‘Submit’ button in the following web page and check that all the ‘Result’ items are displayed as ‘true’. (Ref. 3)
Software-level DRM has technical limitations in preventing content leakage through screen capture or memory hacking. Especially, in the web browser environment, most of the content services are providing content without installing a separate security plug-in for user’s convenience.
Vulnerability of Chrome Browser and Widevine DRM to screen recording
Chrome and Firefox browsers, which are more popular than Edge in PC, contain a software-based Widevine DRM module (CDM). Therefore, DRM content played on Chrome or Firefox in Windows or Mac OS is vulnerable to “screen recording”.
In such environments, various screen recording tools can be used to capture DRM video played in a browser easily.
In the case of ‘cam version’ which records the playback screen through a separate camera, the quality of image and sound deteriorates through the analog-digital conversion process. However, with screen recording tools, you can get high-quality content closer to the original.
Because of this software-based DRM vulnerability, premium content owners, such as Hollywood studios, request online video service providers to apply hardware DRM to deliver UHD or Full HD content. (Ref. 4)
How to deal with screen recording vulnerability
By applying multi-DRM, you can prevent leakage of original content. However, DRM-applied content may be leaked by a screen recording tool depending on the end user’s client environment.
If you are an online video service provider, you may consider the following solutions to address the vulnerabilities of software-level DRM.
Solution #1 — Limiting the service platform
You can restrict your service to client environments that support hardware-level DRM. It is possible to prevent screen recording by not supporting any PC browser or limiting the supportable browsers.
In Windows, screen recording is prevented and only black screen is recorded when playing content with PlayReady DRM on Edge (Windows 10) or IE11 (Windows 8.1 or later) browser.
However, this approach is not suitable for service providers who want to expand their user base by supporting as many client environments as possible.
Solution #2 — Limiting the content quality
The second solution is to limit the quality of the content, as Netflix does. Many paid streaming services only offer content up to 720p resolution in environments where software-level DRM is applied. (e.g. Widevine L3 DRM on Chrome or FireFox)
Online video services provide content in HTTP-based adaptive streaming formats for optimized playback in a variety of clients and network environments. Adaptive streaming is a technology that encodes a single video content to multiple resolutions, and divides the video of each resolution into lots of small pieces. (Ref. 5)
For multi-DRM content, DASH and HLS protocols are used among the adaptive streaming formats.
To restrict content quality according to the client environment, you need to package DRM content using ‘multi-track’ which divides tracks by resolutions and ‘multi-key’ which applies different security levels to each track.
If you apply hardware-level DRM to the UHD track of the content, the ‘multi-key packaged’ DRM content will be limited to lower than UHD resolution when played in a software-level DRM environment.
Solution #3 — Applying forensic watermarking
Finally, you can also track content leakage through forensic watermarking. When contents are leaked by cam coding or screen recording, it is possible to detect watermark information of the leaked content and track the user who did it.
As I wrote in the below postings, forensic watermarking technology is essential for high-resolution premium content along with multi-DRM.
Netflix restricts the content quality to 720p on Chrome (or Firefox) browser for PCs because software-level DRM is applied to the environments. To support various user environments as much as possible, Netflix is providing HD video to Chrome users while taking the risk of screen recording.
Applying multi-key packaging to DASH or HLS content can limit the maximum supported resolution depending on the playback environment. If you want to deal with illegal distribution even for low-resolution content, you can additionally apply forensic watermarking to track users who leaked.
To quickly and easily apply forensic watermarking and multi-DRM, which are essential for premium content security, it is recommended that you use a professional company that can provide both solutions as a unified service.
‘PallyCon Forensic Watermarking’ is a cloud-based forensic watermarking SaaS service provided by INKA Entworks, a content and application security technology company. It is integrated with ‘PallyCon Multi DRM’ service in a unified content workflow.
- #1 Netflix Help Center — Using Netflix in Ultra HD: https://help.netflix.com/en/node/23931
- #2 Microsoft Dev Center — PlayReady Hardware DRM: https://docs.microsoft.com/en-us/windows/uwp/audio-video-camera/hardware-drm
- #3 PlayReady Hardware DRM test page: http://playready.azurewebsites.net/Home/Hwdrm
- #4 MovieLabs Enhanced Content Protection: https://movielabs.com/solutions-specifications/enhanced-content-protection-ecp/
- #5 Wikipedia — Adaptive bitrate streaming: https://en.wikipedia.org/wiki/Adaptive_bitrate_streaming