SmarDTV Global, a French technology company that is a leader for secured devices in the Pay-TV Industry has supported TRAI’s KYC paper recommending the introduction for location-based services (LBS) in set-top boxes along with identity verification of the subscriber whenever a set-top box is purchased.
In a brief response to TRAI’s KYC consultation paper dated 19/07/2019 on KYC of DTH Set-top boxes, SmarDTV said that it considered it important that a proof of identity is given by the subscriber whenever a STB purchased, to ensure that the identity and more importantly their bank details of honest people are not used illegally for subscription to Pay-TV services. It added that they understand that the KYC process would discourage and track malicious people adversely using the identity for DTH subscriber for wider range of people benefit or transferring STB across locations.
On periodic verification of KYC, the company said that a one time KYC should be established along with periodic basis subscriber’s location and subscriptions to be ensured which can be done quarterly or on a half-yearly time frame. This can also be alerted during the payment cycle. It said that KYC should be established for already deployed and new set-top box deployment. Per Unit verification and authentication can take about 1 hr approximately after which location movement can be monitored.
SmarDTV said that LBS makes sense to track STB smuggling out of India and that it also saw the value of ensuring that the honest subscriber is using the STB at the exact location as registered at the time of subscription. It said that Geo-Fencing could be incorporated into set-top boxes without having to increase the cost. The solution proposed is to mandate the DTH STB to authenticate part of the signaling as broadcasted by the Indian satellite.
According to SmarDTV, the STB manufacturer will be asked to code in the application a check of the DVB network_id and original_network_ID and to only install display channels coming from Indian network identifiers.
This offers appropriate security:
- Changing the STB software to disable the checks is very difficult thanks to secure boot.
- To change the network_id of the signal processed by the STB, one must acquire, demodulate, modify and re-modulate the signal. This is doable but expensive and unlikely to be the basis of a popular hack.
- A neighboring country or region could decide to re-use Indian’s network_id. While nothing can prevent this, it would be very visible – this could be verified regularly by appropriate market intelligence.
A stronger check of the incoming signal can be enforced by signing of the Network Information Table (NIT) at the head-end side and requiring that a DTH STB verifies the authenticity of the NIT before it initiates the service installation.
02 September was the last date for the submission of the counter comments on the consultation paper. Tata Sky, Airtel and Dish TV had earlier opposed the paper while the broadcasters supported the KYC paper. Solutions provided by SmarDTV have not been suggested by anyone earlier.