Document security watermarks to prevent digital piracy

Can document watermarks replace DRM?

The humble document watermark is proving highly popular as an addition to or replacement of Digital Rights Management (DRM) control methods, although its use and effectivity are not as well understood as you might think.  We look at what you can achieve with document watermarks, and if they go far enough.

Watermarks have been around for a long time helping establish authenticity and proof of ownership, mainly of high value items like banknotes, international agreements, identity documents, prevent document piracy, and so on.  There is an argument that says document control watermarks are not DRM controls at all, but another that when used in combination with other licensing schemes they can also be mainstream DRM.

What are watermarks usually used for?

Watermarks can be used in several ways.  A brief Google search suggests that there are hundreds of US patents in the field of steganography (hidden messages in pictures) and watermark processing in video, sound photography and so on.  So there must be something there when the likes of Sony, Philips, NBC, Digimarc, and what many others think is pivotal in the digital watermarking business.  The earliest patents go back to the 1980’s!

Watermarks can be used to supply various control functions, including to:

• authenticate that file contents have not been altered.  This is what the classical watermark on banknotes is doing, stopping you from easily replacing them with a forgery.
• demonstrate ownership.  This is what Google does with satellite maps it publishes, as well as do many picture publishers.  TV Channels often put a visible watermark in a top corner to show their channel licensing, mainly when re-broadcasting.  Book publishers put visible copyright marks on books to show ownership of the IPR and other claims.
• identify who the licensed user is.  This is a variation of the ownership approach aimed at identifying and preventing unauthorized redistribution of licensed works (i.e. used to prevent document piracy).
• advise a playing system (or application) if the work is licensed or not.  This may be linked to the playing system in such a way that the playing system will only play documents where the watermark identifies them as genuine.  An extension of this is to identify who the licensed user is and check if the playing device is licensed to that user or that document region.

Document security watermarks can be more or less invasive.  What this means is they can be very obvious to the eye and visible, or they can be hidden inside the document that is carrying them.  This visibility can be very important when selecting the best functionality that is going to work for you.

For instance, sound and video providers do not want the artistic nature of their work to be ruined by a very obvious, visible watermark right in the middle of the picture.  So any watermark has got to be ‘hidden’ in the images so it makes no change to the overall effect.  And a lot of work has been done (and patents created) addressing how to embed a watermark into a video without it being obviously visible and also be capable of surviving a conversion of format (say from MP4 to AVI) when the converter does not understand the concept of a secret watermark (often referred to as steganography – the hiding of a meaning in a picture).  And the same goes when changing formats from MP4 to MP3 to CD for sound, or moving from BMP to JPG to PNG to GIF (amazing what you can do with products like Corel Paint Shop?).  The IEEE was writing standards about hiding watermarks in JPEG back in 1999.

So hiding watermarks is a specialised business and requires special viewers to identify that hidden watermarks are indeed present and then decide what to do about them.

Is digital watermarking a popular approach?

Judging by the success of specialist provider companies like Digimarc there is good demand from multi-media services as well as in different markets such as hidden barcode scanning in retail applications.  There is a perception that non-invasive watermarking is ‘easy’ to implement in pictures and multi-media formats.  Also, many PDF editors such as Adobe Acrobat enable you to add document watermarks (fixed text and images) and create a stamped PDF.

Are there any problem document formats when applying document security watermarks?

As ever, the devil is in the detail.  Documents that are just text (that includes forms of TXT such as HTML and XML) use up all the bits in each byte in order to specify the content exactly.  So there is no space at all available to hide a watermark in the bytes used by the text characters, unlike a picture which uses many pixels to represent a character so doesn’t notice quite so much if it misses a few.

It is not a big problem where established custom is to have visible markings – as happens in book publishing and even in digital books.  Both visible and invisible marks may be present in richly featured formats such as the Adobe PDF because it can support graphics as text (although that ruins linking to internal and external references).  However, it is easy to remove Adobe PDF watermarks so they may not provide the security that you think.

When are document watermarks most effective in preventing document piracy?

Document security watermarks become most effective when they are part of an overall DRM technology and not a single item.  (Everybody in the security business will tell you about the importance of multiple controls – security in depth – assuming you can stay awake long enough.)  And even with the humble banknote there are multiple watermark and tracking technologies in use – but banks actually know the value of what they are protecting!

Document security watermarking methods such as those used by Locklizard allow for a graphic image and/or text to be placed on the page either over or underneath the information, with a controlled opacity so that it can be fine-tuned so as not to interfere visually, or if used for printing to cause it to solidify or to disappear.  Text watermarks can include a reference that can identify the authorized user (e.g. user name, email, company, etc.) along with a date and time stamp – this information is dynamically applied at view/print time so you only have to protect a document once for all users (unlike some document watermark software that requires you to watermark documents individually for each user).  If you just want to deter photocopies being made of printed documents (i.e. you don’t want to display a watermark when a document is viewed on screen) then you can display a PDF watermark only when printing.

These approaches are rather more comprehensive than simply adding a watermark to a graphic or a document in that they deliver a result that can be more difficult to remove than hiding something in a graphic image, and can have the value of being visible without necessarily creating a poor quality result.

Perhaps, most importantly, when document security watermarks are used as part of a more complete DRM system they give the publisher or distributor access to powerful control features that are not available in a pure watermarking system, such as number of times a document may be viewed, or the length of time, or regional viewing limitations.  These are all additional document security measures that help prevent document piracy.

To incorporate extended functionality solely into the watermarking component of a document (i.e. a document control watermark) is technically difficult and liable to be neutralized by the ability to change file formats.