Card Sharing
Encyclopedia
Card sharing, also known as control word sharing, is a method of allowing multiple clients or digital television receivers to access a subscription television network with only one valid subscription card. This is achieved by electronically sharing a part of the legitimate conditional access
smart card's output data, enabling all recipients to gain simultaneous access to scrambled DVB streams, held on the encrypted television network.
Typically, a legitimate smart card is attached to a host digital television receiver, which is equipped with software to share the decrypted 64-bit "control word" key over a computer network, such as the Internet
. Once a client receives this key, they can decrypt the encrypted content as though they were using their own subscription card.
standard in which it operates. The standard practice of a legitimate smart card is to decrypt an ECM (Entitlement Control Message), which then provides the control word, which allows the viewing of scrambled material. With card sharing, however, the smart card and its security features are bypassed; software intercepts the decrypted control word and allows the user to share it across a computer network.
. Much of the development of card sharing hardware and software has taken place in Europe
, where national boundaries mean that home users are able to receive satellite television
signals from many countries but are unable to legally subscribe to them due to licensing restrictions on broadcasters.
Because the length of the complete control word is so small (64 bit
s), delivery of the control words to many different clients is easily possible on a home internet connection. This has sparked the creation of sharing network groups, in which users can access the group by sharing their subscription cards with the group, and in turn, being capable of receiving the channels which all users' cards can decrypt, as though the user owned every single subscription card connected to the network. Other networks have also been created, whereby one server
has multiple legitimate subscription cards connected to it. Access to this server is then restricted to those who pay the server's owner their own subscription fee.
An example of such a card sharing system, also known as Internet Key Sharing (IKS) was run by Charles Carillo of New Britain, Connecticut. Between 2007 - 2010 Carillo mass marketed so-called FTA receivers modified to illegally receive Dish Network subscription programming using a card sharing server. Carillo marketed such devices from several paper "front" companies such as nfusion.ws, WorldWide Satellite, Tequista Enterprises and Power Pay Services. In 2010 the satellite operation was shut down and Charles K. Carillo was found liable in Federal Court to Dish Network for $666,000 in damages.
. However, in some cases the contract between the subscriber and the content provider implicitly or explicitly prohibits this kind of card sharing.
, meaning that every provider of scrambled DVB
content has potential to be affected by it. In response, several counter measures have been implemented by various parties, with the aim of permanently preventing it.
and NDS
, is to update the software of digital receivers provided by the subscription television service. This software implements a further decryption layer, held within the receiver. Rather than sending a plain text control word from the smart card to the receiver's microprocessor, which can be intercepted, the decrypted ECM will in fact be an encrypted control word, which can only be decrypted by a legitimate, non card sharing capable, receiver. A simpler method, used by several providers, is to simply increase the frequency of control word changes. With changes occurring as frequently as once every few seconds, extra stress is put onto the smart card sharing system, meaning that clients may be frustrated by short, frequent, missed viewing periods.
. Cases of criminal charges being brought against card sharing hosts is on the rise.
In August 2009, a Liverpool man was prosecuted for re-selling the services of a card sharing network to paying customers. It was the first such case of its type in the UK.. Two further raids occurred in the UK during early 2011, instigated by UK Cable Operator Virgin Media..
Conditional access
Conditional Access is the protection of content by requiring certain criteria to be met before granting access to this content...
smart card's output data, enabling all recipients to gain simultaneous access to scrambled DVB streams, held on the encrypted television network.
Typically, a legitimate smart card is attached to a host digital television receiver, which is equipped with software to share the decrypted 64-bit "control word" key over a computer network, such as the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
. Once a client receives this key, they can decrypt the encrypted content as though they were using their own subscription card.
Basic operation
The security of conditional access smartcard technology is limited by the security of the DVBDVB
Digital Video Broadcasting is a suite of internationally accepted open standards for digital television. DVB standards are maintained by the , an international industry consortium with more than 270 members, and they are published by a Joint Technical Committee of European Telecommunications...
standard in which it operates. The standard practice of a legitimate smart card is to decrypt an ECM (Entitlement Control Message), which then provides the control word, which allows the viewing of scrambled material. With card sharing, however, the smart card and its security features are bypassed; software intercepts the decrypted control word and allows the user to share it across a computer network.
Pirate decryption
Card sharing has established itself as popular method of pirate decryptionPirate decryption
Pirate decryption most often refers to the reception of compromised pay TV or pay radio signals without authorization from the original broadcaster...
. Much of the development of card sharing hardware and software has taken place in Europe
Europe
Europe is, by convention, one of the world's seven continents. Comprising the westernmost peninsula of Eurasia, Europe is generally 'divided' from Asia to its east by the watershed divides of the Ural and Caucasus Mountains, the Ural River, the Caspian and Black Seas, and the waterways connecting...
, where national boundaries mean that home users are able to receive satellite television
Satellite television
Satellite television is television programming delivered by the means of communications satellite and received by an outdoor antenna, usually a parabolic mirror generally referred to as a satellite dish, and as far as household usage is concerned, a satellite receiver either in the form of an...
signals from many countries but are unable to legally subscribe to them due to licensing restrictions on broadcasters.
Because the length of the complete control word is so small (64 bit
Bit
A bit is the basic unit of information in computing and telecommunications; it is the amount of information stored by a digital device or other physical system that exists in one of two possible distinct states...
s), delivery of the control words to many different clients is easily possible on a home internet connection. This has sparked the creation of sharing network groups, in which users can access the group by sharing their subscription cards with the group, and in turn, being capable of receiving the channels which all users' cards can decrypt, as though the user owned every single subscription card connected to the network. Other networks have also been created, whereby one server
Server (computing)
In the context of client-server architecture, a server is a computer program running to serve the requests of other programs, the "clients". Thus, the "server" performs some computational task on behalf of "clients"...
has multiple legitimate subscription cards connected to it. Access to this server is then restricted to those who pay the server's owner their own subscription fee.
An example of such a card sharing system, also known as Internet Key Sharing (IKS) was run by Charles Carillo of New Britain, Connecticut. Between 2007 - 2010 Carillo mass marketed so-called FTA receivers modified to illegally receive Dish Network subscription programming using a card sharing server. Carillo marketed such devices from several paper "front" companies such as nfusion.ws, WorldWide Satellite, Tequista Enterprises and Power Pay Services. In 2010 the satellite operation was shut down and Charles K. Carillo was found liable in Federal Court to Dish Network for $666,000 in damages.
Multiple receiver use
An arguably legitimate use for card sharing is the sharing of the control word within a home network, where the subscriber is authorised by the subscription television network to decrypt their signal, using one smart card. Content providers usually provide means for viewing channels on a second smart card, provided at extra cost. An example of this is Sky Multiroom, used in the United KingdomUnited Kingdom
The United Kingdom of Great Britain and Northern IrelandIn the United Kingdom and Dependencies, other languages have been officially recognised as legitimate autochthonous languages under the European Charter for Regional or Minority Languages...
. However, in some cases the contract between the subscriber and the content provider implicitly or explicitly prohibits this kind of card sharing.
Countermeasures
Card sharing is a particular concern to conditional access providers, and their respective pay-TV companies, as well as the DVB consortium. Card sharing utilises the integral scrambling system of the DVB standard, DVB-CSACommon Scrambling Algorithm
The Common Scrambling Algorithm is the encryption algorithm used in the DVB digital television broadcasting for encrypting video streams.CSA was specified by ETSI and adopted by the DVB consortium in May 1994.-History:...
, meaning that every provider of scrambled DVB
DVB
Digital Video Broadcasting is a suite of internationally accepted open standards for digital television. DVB standards are maintained by the , an international industry consortium with more than 270 members, and they are published by a Joint Technical Committee of European Telecommunications...
content has potential to be affected by it. In response, several counter measures have been implemented by various parties, with the aim of permanently preventing it.
Technical
One technical method, implemented by providers such as IrdetoIrdeto
Irdeto B.V. is a global software security and media technology company with dual headquarters in Hoofddorp, Netherlands and Beijing, China. It is a subsidiary of multinational media group Naspers...
and NDS
NDS Group
NDS Group Plc. is a developer of pay TV technology. NDS was established in 1988 as an Israeli start up company. It was acquired by News Corporation in 1992. The company is currently headquartered in Staines, United Kingdom...
, is to update the software of digital receivers provided by the subscription television service. This software implements a further decryption layer, held within the receiver. Rather than sending a plain text control word from the smart card to the receiver's microprocessor, which can be intercepted, the decrypted ECM will in fact be an encrypted control word, which can only be decrypted by a legitimate, non card sharing capable, receiver. A simpler method, used by several providers, is to simply increase the frequency of control word changes. With changes occurring as frequently as once every few seconds, extra stress is put onto the smart card sharing system, meaning that clients may be frustrated by short, frequent, missed viewing periods.
Legal
One significant problem for internet card sharing pirates is that their activities can be traced, through tracing of their unique IP addressIP address
An Internet Protocol address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing...
. Cases of criminal charges being brought against card sharing hosts is on the rise.
In August 2009, a Liverpool man was prosecuted for re-selling the services of a card sharing network to paying customers. It was the first such case of its type in the UK.. Two further raids occurred in the UK during early 2011, instigated by UK Cable Operator Virgin Media..