mDialog Tackles HTML5 Video Security


Content security, advertising and tracking — these are all things that HTML5 video lags behind Adobe’s (s ADBE) Flash. For most publishers, lack of support for any or all of these capabilities can be a deal breaker — which is why many have chosen to tread lightly or stay away from HTML5 video implementations altogether, despite the fact that HTML5 is the only way to get video on Apple’s (s AAPL) iPhone or iPad.

Because Flash has been used for years as the de facto standard for video publishing on the web, an ecosystem of tools has sprung up for reporting and analytics, monetization and content security. As a nascent web standard, HTML5 video still lacks the same kind of toolset that is available to Flash publishers for years. But some startups — like mDialog — are emerging to help video publishers tackle these problems.

mDialog got its start in building video apps for iPhone publishers, but since the iPad uses the same formatting for video publishing, it was able to extend that expertise to those that want to publish on the new Apple tablet. As a result, mDialog’s HTML5 player already offers advertising support and reporting features for iPad publishers — and was one of the first companies to do so. Now the startup is extending its tool set to include content security.

mDialog’s new feature works by leveraging Apple’s HTTP adaptive bit rate streaming protocol to deliver video to the iPad. The Apple implementation of HTTP adaptive streaming breaks video files in small segments, which are pieced together on the device using variable bit rate playlists. mDialog’s content security encrypts those HTTP adaptive streams using AES-128, applying the encryption to each segment. Since the key used to unlock the encrypted segments is stored within the mDialog platform, those segments can be pushed securely to publishers’ CDNs.

With 2 million iPads sold in just two months, the iPad is rapidly gaining consumer acceptance. And as one of the few companies to be able to offer advertising, analytics and security solutions for iPad publishers, mDialog is in a good place to pick up some business as more publishers begin to make their videos available on the device.

Related content on GigaOM Pro: The Case For Removable Media on the iPad (subscription required)


Jason Langdon

I’d love to get a response to what Beau Durant is alleging below… does the video player actually need Quicktime to function as well?


security in AES-128 for Hypertext programming should be fixed if it want to be used as standard protocol in Internet browse

Beau Durant

“Apple’s HTTP adaptive bit rate streaming protocol” – This is not HTML5, this is QuickTime X plug-in and not a web standard.

Brad Neuberg

By video player, do you mean a JavaScript video player itself takes encrypted data, decrypts it, and feeds it into an HTML5 video tag somehow, or do you have your own binary plugin on the client side? If its a JavaScript video player, what’s keeping someone from simply extracting the decryption key from the page itself?


Peentoo Patel

The content is decrypted by the Apple movie player based on the key and encrypted segment, not by the JavaScript code or any other binary plugin.

Here is a more detailed overview of the all of the security measures we use to ensure the content is protected. I think this will answer your question:


Carlos Laviola

And once someone has the key, how is it any different?

Tim Street

Hey Brad, The capabilities to decrypt the content is built into our video player, so once it has acquired the key and loaded the encrypted segments, it can decrypt the content for playback.

Hope this helps.

Brad Neuberg

How do they decrypt the streaming HTTP segments on the client, though? That’s the part I’m unclear of.

Comments are closed.