Skip to main content
The Video Security system ensures that all streamed content is protected from unauthorized access, piracy, and misuse. It safeguards video files, playback sessions, streaming URLs, and user data while maintaining seamless viewing performance. Below is the complete explanation of how video security works within the player ecosystem.

Secure Video Delivery

Videos are never exposed as public downloadable files. Security mechanisms include:
  • Signed playback URLs with expiration time
  • Token-based access validation before streaming
  • Time-limited video access
  • Domain-restricted playback
  • Referrer validation

Encrypted Streaming (HLS Protection)

All video content is delivered securely using encrypted streaming. Security features:
  • HTTPS delivery for all video segments
  • Encrypted HLS (.m3u8) streaming
  • Segment-based streaming (no full file exposure)
  • Optional AES-128 encryption for HLS segments
Since the full video file is never downloaded at once, direct file access is prevented.

Playback Authorization

Before a video loads in the player:
  • The client requests playback authorization.
  • The backend validates the user token.
  • The system verifies video access permissions.
  • A signed playback URL is generated.
  • The player loads the secure streaming source.
If the token expires or permissions are invalid, playback is blocked.

Secure Caption & Asset Handling

Associated assets such as:
  • Subtitle files (.vtt, .srt)
  • Thumbnail sprites
  • Chapter files
Are also delivered through protected endpoints with authentication validation.

Session Protection

To prevent misuse:
  • Playback sessions can be time-bound
  • Tokens automatically expire
  • Revalidation can occur during long sessions
  • Concurrent session limits can be enforced