In a recent interview with SafetyDetectives, Taehyun Kim, co-founder and CTO of DRM Inside, shared his journey and the innovative strides his company has made in digital rights management (DRM) technology. With a background in software development and architecture at Samsung SDS and Fasoo, Kim’s expertise in DRM led to the founding of DRM Inside in 2005. The company’s focus on global standards has made it a significant player in protecting digital publishing content. Kim highlighted the unique features of their Web-X DRM, which offers robust protection against web scraping and unauthorized content extraction. He also discussed the challenges and successes of implementing Web-X DRM across various industries, emphasizing its impact on enhancing digital content security. Looking ahead, Kim anticipates that future DRM technologies will need to adapt to evolving threats, particularly in the context of AI and web scraping.
Could you share a bit about your journey with DRM Inside and your role within the company?
Before joining DRM Inside, I gained extensive experience as a software developer and architect at Samsung SDS and Fasoo, where I honed my skills in software development and architecture. My deep dive into DRM technology began at Fasoo, known for its enterprise DRM solutions. I led the design and development of DRM enforcement, expanding my expertise in digital rights management.
In 2005, with the knowledge and experience from Fasoo, Hogab Kang (CEO, co-founder) and I (CTO, co-founder) started DRM Inside. Our vision was to focus on global standards and implement DRM technology for digital publishing. Since then, I have led international standardization activities to align our solutions with global benchmarks and headed the technical implementation of our products.
Our strategic direction was shaped by the growing need to protect digital publishing content.
DRM Inside has been a notable player in the field of digital rights management. How does the company differentiate itself in the competitive landscape of copyright protection technologies?
DRM Inside gained recognition through our contributions to the ISO 23078 standards, which are tailored DRM specifications for digital publishing, focusing on eBooks and PDFs. Our commitment to leading solutions led to the creation of OPENS DRM, an eBook DRM compatible with ISO 23078-3. This solution is widely used by Korean public digital libraries, demonstrating our ability to protect large-scale, publicly accessible digital content.
As digital libraries preferred web browsers for eBook reading over specific reader applications, we saw the need to enhance web browser-based content protection. Web browsers, though easy to deploy and maintain, lack robust content protection mechanisms against unauthorized extraction and scraping.
To address this, we developed Web-X DRM, providing seamless protection for web content.
What are the key features of Web-X DRM that make it stand out for web content protection compared to other DRM solutions in the market?
Web content is vulnerable to web scraping and data extraction via browser developer tools, due to the HTML and web browsers’ design for easy distribution and sharing. Malicious users can extract text and images from the DOM using developer tools. For instance, knowing how to access HTML content at the DOM level enables the creation of scripts using AI tools like ChatGPT for effective scraping.
Web-X DRM tackles these vulnerabilities with innovative techniques like scrambling text and concealing source URLs in <img>, <audio>, and <video> tags at the DOM level, preventing content extraction and reducing web scraping risks. It also controls browser functions that could be exploited for content extraction, like right-click, text selection, copy-paste, printing, print screen, and developer tools access, all without requiring client-side software installation.
Using pure JavaScript and HTML5, Web-X DRM is compatible across all operating systems and devices, needing no additional software. On the server side, it requires no integration with existing service systems, regardless of the web service’s programming language, and can be inserted between the web browser and the existing web server like a network firewall.
These advanced features make Web-X DRM a top choice for customers seeking to protect their web-based content. Its ease of deployment and strong security measures set it apart from other DRM solutions.
You can see the features of Web-X DRM at https://webxdrm.com/index_en.html
Could you discuss some of the major challenges you’ve encountered while implementing Web-X DRM across different industries, and how you’ve addressed them?
Implementing Web-X DRM across various industries presented significant challenges that required innovative solutions. One challenge was meeting the stringent requirements of a webtoon service provider needing to protect their content from screen capture tools and illegal uploads. Preventing screen captures without client-side software is nearly impossible, so we developed a method within Web-X DRM to insert invisible watermarks into images or HTML pages. These watermarks trace the source of illegal uploads by detecting IP addresses and user IDs, deterring unauthorized distribution and enabling the service provider to disable detected offenders’ accounts or report them to authorities.
Another challenge was offering a simpler, more cost-effective DRM solution for video content than Multi-DRM systems based on the W3C’s Encrypted Media Extension (EME) standard. Multi-DRM solutions handle native media DRMs in browsers but are complex and expensive, especially for on-premises solutions. We developed a Single-DRM solution within Web-X DRM that leverages the EME standard but is straightforward and cost-efficient, protecting video and audio content in web browsers.
A third challenge involved protecting against reverse engineering of DOM data and client-side JavaScript, which are vulnerable to advanced hacking techniques. Blocking developer tools initially can be bypassed by experienced hackers using browser debugging functions. Web-X DRM incorporates robust anti-reverse engineering measures, with multiple layers of protection to make it difficult for hackers to access original content.
These solutions enabled us to overcome diverse challenges across industries, ensuring effective and reliable content protection with Web-X DRM.
How has Web-X DRM helped your clients protect their digital content, and can you share any success stories of significant impact?
One success story involves a prominent webtoon and web novel service provider with over 800,000 users, using Web-X DRM to protect their content from scraping and screen capturing. This success has sparked interest from other similar service providers considering Web-X DRM to protect their web-based content.
Another success is with 45 public digital libraries in Korea, which adopted Web-X DRM to secure eBook content accessible via web browsers. The libraries and users are highly satisfied with the service, which eliminates the need for client-side installation or updates across devices. This has enhanced user experience and operational efficiency, leading to more libraries showing interest in Web-X DRM.
In the educational sector, an educational video service provider used Web-X DRM to prevent downloading original video files from web page source URLs. Previously unprotected, the company integrated Web-X DRM in a week, securing over 1,000 videos with minimal service disruption.
A large food company with over 2,000 franchise offices adopted Web-X DRM to protect sensitive internal content, like recipes and proprietary data, shared through their internal web system. Despite outdated client devices running WinCE with IE9, Web-X DRM prevented screenshots and distribution by embedding visible watermarks with user IDs and scrambling web content text, enhancing internal security.
These stories highlight Web-X DRM’s significant impact on protecting digital content across various industries.
Looking forward, what are the upcoming trends or technologies in DRM that you think will shape the future of web content protection?
The future of web content protection will be shaped by emerging trends and technologies, especially after the 2022 U.S. Federal Court precedent involving LinkedIn and HiQ Labs. This ruling, which allows web scraping from publicly accessible content, indicates a substantial challenge to content security, as it becomes increasingly difficult to prevent access for unauthorized data gathering from publicly accessible web pages.
Moreover, as we advance into the era of Large Language Models (LLM) based on AI, protecting web content becomes crucial. LLM systems rely on vast data for training, increasing the risk of unauthorized use of proprietary content from the web. Robust DRM solutions are needed to secure content at both the access control and content levels, ensuring the integrity and ownership of digital assets.
Future DRM technology will likely focus on sophisticated content-level protection mechanisms beyond traditional access control. Advanced encryption techniques, watermarking, and secure content distribution frameworks will be essential in safeguarding digital assets.