Secure Sync would have prevented flash traders from making a quick profit off an insecure live stream

Jeroen Mol, published in ExMachinaGroup. 6 min read, Feb 5, 2020

“The UK’s financial watchdog has launched an investigation into a security breach at the Bank of England that allowed Flash traders to get an 8-second head start due to an insecure audio feed of Mark Carney’s market-moving press conferences.” Source: The Guardian

During Mark Carney’s market-moving press conference on February 7th 2019, traders were able to access content from the live video stream 8 seconds in advance. That 8-second head start was more than enough for high-frequency traders to make an easy profit.

The image below shows how the stock market moved during the press conference.

Security is key for many low-latency and ultra-low latency live streaming use cases. Content providers need to be able to rely on their video solution to deliver live video at a set latency across platforms and conditions. When money is involved, a group of savvy viewers will always try to get a leg up on other people.

We’ve created a solution to level the playing field and prevent premature “leaks”: Livery is an end-to-end solution that aims to create a more robust live interactive video experience. Livery accomplishes this thanks to 3 key features:

  1. Ultra-low latency video based on the ULL-CMAF standard, allowing us to reach millions of concurrent viewers with a latency of less than 3 seconds, for a significantly lower cost than WebRTC. More info about low-latency live video can be found here.
  2. An interactive layer that uses HTML and JavaScript enriches viewers’ live video experience with interactive add-ons that gamify, engage, inform, and reward viewers. For content creators/streamers, the interactive layer provides new opportunities for data collection, branding, sponsoring and eCommerce. The following article provides more insights into the possible interactive live video use-cases.
  3. Secure Sync technology that ensures all users see the same image at the same time at the set latency, regardless of their platform or internet connection.

Figure: The setup of the different layers of the Livery video player.

In this article, we’ll be exploring Livery’s secure syncing feature. If you’d like to read up on ultra-low-latency live streaming based on ULL-CMAF, check out this post. If you’re interested in our vision for the future of Interactive Live Video, check out our previous post.

For most of our customers, accurate syncing across all platforms is considered to be more important than a glass-to-glass latency of less than 3 seconds. When a higher latency is acceptable, the additional time can be used to improve the efficiency, quality, and stability of the ULL-CMAF stream. The following post provides more details about video efficiency and quality for ULL-CMAF live streams.

In order to achieve synchronization, the encoder writes a timestamp in the m3u8 and mpd file as soon as it starts encoding the stream. An NTP time source is used to create an accurate timestamp. This timestamp is passed along to all of the video players using the video stream, so they know when the stream has started and which portion of the stream they are currently decoding. If a player subtracts the stream start time from the current stream position, it can calculate how far behind it is compared to the encoder. This final figure is the current latency.

Aside from the encoder, the player(s) also use the NTP time source. The local device time is too unreliable to use for the syncing logic. The NTP timestamp is used to calculate the offset between the real-time broadcast and the device (local) time. Multiple time requests are performed to filter out any network hiccups.

If a player detects that it is behind or ahead of the target latency, it can adjust the playback rate. This behavior is a custom setting in the Livery player SDK, which allows users to adjust it according to their needs. The following values can be adjusted:

  • Target latency delta: how much a stream is allowed to be ahead or behind
  • Catchup behavior: the adjustment curve of the playback rate
  • Skip: when the player starts skipping to the set latency.

The players compare the current latency with the set latency on an ongoing basis to correct any drifting during the live stream.
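The sync logic described above, sketched as an added example (not Livery SDK code): the player estimates its clock offset from several time samples, derives its current latency from the stream start timestamp, and picks a correction. All function names, the linear catch-up curve and the configuration values are assumptions made for illustration.

```javascript
// Added example: names, curve and defaults are hypothetical, not the Livery SDK API.

// Each sample: t0 = local send time, server = time reported by the time source,
// t1 = local receive time (all in ms). The sample with the smallest round trip
// is least distorted by network hiccups, so its offset estimate is used.
function estimateClockOffset(samples) {
  const best = samples.reduce((a, b) => (b.t1 - b.t0 < a.t1 - a.t0 ? b : a));
  return best.server - (best.t0 + best.t1) / 2; // add to local time to get source time
}

// Latency = synchronized "now" minus the wall-clock time at which the frame
// currently on screen was encoded (stream start timestamp + playback position).
function currentLatency(localNowMs, offsetMs, streamStartMs, positionMs) {
  return localNowMs + offsetMs - (streamStartMs + positionMs);
}

// cfg.targetMs: set latency; cfg.deltaMs: allowed deviation (target latency delta);
// cfg.skipMs: deviation at which the player seeks instead of changing the rate;
// cfg.maxRateChange: largest playback-rate change the catch-up curve may apply.
function syncDecision(latencyMs, cfg) {
  const error = latencyMs - cfg.targetMs; // > 0: behind target, < 0: ahead of it
  if (Math.abs(error) <= cfg.deltaMs) return { action: "play", rate: 1 };
  if (Math.abs(error) >= cfg.skipMs) return { action: "skip", seekByMs: error };
  // Linear catch-up curve, clamped to maxRateChange.
  const change = Math.min(
    cfg.maxRateChange,
    (Math.abs(error) / cfg.skipMs) * cfg.maxRateChange * 2
  );
  const rate = 1 + Math.sign(error) * change; // behind: speed up, ahead: slow down
  return { action: "adjust", rate: Math.round(rate * 1000) / 1000 };
}

// Constructed sample data: the true offset is about 5000 ms, and the first
// and third samples are skewed by a slow or asymmetric network path.
const SAMPLES = [
  { t0: 1000, server: 6240, t1: 1400 }, // 400 ms round trip
  { t0: 2000, server: 7020, t1: 2040 }, // 40 ms round trip, offset 5000
  { t0: 3000, server: 8100, t1: 3120 }, // 120 ms round trip
];
const CFG = { targetMs: 3000, deltaMs: 100, skipMs: 2000, maxRateChange: 0.1 };

const offset = estimateClockOffset(SAMPLES);
const latency = currentLatency(10000, offset, 10000, 1600);
console.log(offset, latency, syncDecision(latency, CFG));
```

A player that is ahead of the target (negative error) is the case that matters for leaks: it slows down or skips back rather than showing frames early.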

The video players load as many frames in the buffer as possible to provide a smooth stall-free viewing experience, using the Sync logic to play the correct frame. When the video is pushed to the CDN, it is out in the open and accessible if not properly encrypted. With Livery, security plays a crucial role. The team, therefore, needed to determine the best possible encryption solution based on the following business requirements:

  • Stream is based on the ULL-CMAF standard (DASH)
  • Linear scaling solution able to support 1,000,000 concurrent users
  • Information cannot leak more than 0.5 before the target latency
  • Stream is publicly accessible

All major Digital Rights Management (DRM) solutions (Widevine, Fairplay, and PlayReady) are compatible with the Livery solution. The encoder encrypts the content with the media keys from one or more DRM providers (MPEG-CENC), then the DRM server checks the player’s license and provides the key for the encrypted video segment.

Livery uses segments of 6 (or more) seconds. Smaller segments have an impact on the quality and stability of the stream. The Bank of England case shows that an 8-second window is more than enough to give some viewers an advantage. When you want to reduce that window to as close to zero as possible, it’s no longer possible to work with segment-based encryption, which excludes (almost) all general DRM solutions.

The Livery team addressed the issue by moving from per-segment encryption to encryption per group of video frames. The size of the group can be set based on the customer’s requirements. Keys are generated by the encoder and pushed to the player via a highly reliable and scalable server. The performance impact on the encoder is limited, since there is a single key per group for all players.

The server also contains dedicated quality of service features. When the key is sent to the player, the player sends an acknowledgment back to the server so that the server knows to stop sending the key. If the acknowledgment is lost, the server will continue to retry until it gets the player’s acknowledgment. This way, delivery is guaranteed (although the key may reach the player more than once).
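The acknowledge-and-retry delivery described above, as an added step-based simulation (not Livery code): the server resends each key until it is acknowledged, and the player treats repeated keys as harmless duplicates. Class names, the group id and key value, and the rule that a conflicting key for an already-known group is rejected are assumptions for illustration.

```javascript
// Added example: a deterministic simulation; all names are hypothetical.

class KeyServer {
  constructor() { this.pending = new Map(); } // groupId -> key awaiting acknowledgment
  publish(groupId, key) { this.pending.set(groupId, key); }
  // One retry round: every key that has not been acknowledged is sent again.
  outgoing() { return [...this.pending].map(([groupId, key]) => ({ groupId, key })); }
  ack(groupId) { this.pending.delete(groupId); }
}

class PlayerKeyStore {
  constructor() { this.keys = new Map(); this.duplicates = 0; }
  // Idempotent receive: the same key arriving twice is counted and ignored.
  // Assumption: a different key for a known group is treated as an error.
  receive({ groupId, key }) {
    if (this.keys.has(groupId)) {
      if (this.keys.get(groupId) !== key) throw new Error("conflicting key for group " + groupId);
      this.duplicates++;
    } else {
      this.keys.set(groupId, key);
    }
    return groupId; // always acknowledge, so a lost ack is repaired by the next retry
  }
}

// dropKey[i] / dropAck[i]: whether round i loses the key message or the ack.
function deliver(server, player, dropKey, dropAck) {
  let rounds = 0;
  while (server.pending.size > 0) {
    if (rounds >= dropKey.length) throw new Error("loss pattern exhausted");
    for (const msg of server.outgoing()) {
      if (dropKey[rounds]) continue;               // key never reaches the player
      const ackId = player.receive(msg);
      if (!dropAck[rounds]) server.ack(ackId);     // ack may be lost on the way back
    }
    rounds++;
  }
  return rounds;
}

// Constructed scenario: the key is lost once, then its acknowledgment is lost once.
function demo() {
  const server = new KeyServer();
  const player = new PlayerKeyStore();
  server.publish(7, "constructed-key-7");
  const rounds = deliver(server, player, [true, false, false], [false, true, false]);
  return { rounds, duplicates: player.duplicates, key: player.keys.get(7) };
}
console.log(demo());
```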

If the streaming solution used by the Bank of England had a similar Secure Syncing feature in place, it could have prevented the issue entirely. We also know that security is a never-ending battle, especially when there is money to be made. The good news is, the Livery dev team loves a good game of cat and mouse — we are always searching for new ways to improve our solution’s security features!

If you want to stream your quarterly results, or if you are streaming time-sensitive content like sports or entertainment broadcasts, we can help you prevent your live stream from leaking before the set latency.

Interested in learning more about the Livery platform? Get in touch! At Livery, we provide everything you need to launch your very own interactive ultra-low latency video solution, including concept creation, business modeling, front-end design, back-end development, and project management. Check out our website to get inspired by our portfolio and client list, or contact me directly on LinkedIn.

Jeroen Mol
ExMachinaGroup

VP of Innovation @Livery Video. A creative problem solver with an educational background including an MA in Art Management and a BA in Media Management.