Secure Session Management

The SDK supports NAGRA’s Secure Session Manager (SSM), enabling monitoring and limiting the number of sessions in parallel, chiefly to protect against account sharing. Security is enhanced as the session manager is linked to the license manager, with the licence regularly renewed during playback.

When the player acquires or renews a licence for playback, it also needs to obtain a session token. The licence server provides the session tokens (per content or account), counts the number of active sessions, and limits the number of permitted concurrent sessions.

An SSM session is set up when a user starts playback of a content item and is torn down when playback stops. SSM also uses Widevine’s periodic licence renewal as a heartbeat; if the SSM server does not receive a heartbeat at regular intervals, it deems the session expired, the licence is not renewed, and the session count drops by one. This ensures that even if no teardown message is sent by the player (for example, a device lost network connection), the session expires anyway.

The SDK provides two methods for SSM integration, called V1 or V2.

With V1 the client application or player will do the SSM setup separately before the playback/retrieving license, and do the SSM teardown when playback stops.

With V2 and the latest SSP license server v2 API, the SSM setup will be done during the license request and there is no SSM setup from client. The session will be torn down when zapping. Application can call SSM tear down if user doesn’t do zap but need free the session and give to other devices.

Please refer the different page for the details