Deutsche Bank spoke to major Digital TV platforms and major CA vendors around the world and did an extensive analysis of the CA market. They published the report in September 2001. Their report shows that an operator with 3 million subscribers will spend as much as $70 per subscriber per annum on Conditional Access services and technology. Almost $50 million of the cost is directly attributed to smart cards purchase. The diagram shows a network that grows to 3m subscribers in 5 years and assumes there will be changes of the smart card base, 50% in year 4 and 50% in year 5.
Our own analysis, based on global experience of satellite and cable Pay-TV operators over the last ten years, suggests lower costs but they are still Understanding the true cost of Conditional Access Systems substantial. The graphs below assume conservative estimates of all possible cost ranges.
The diagrams show smart card based CA costs for networks that grows to 500k and 3m subscribers in 5 years and assumes there will be changes of the smart card base, 50% in year 4 and 50% in year 5. Other assumptions: Smart card cost $8 and $7 respectively; growth from 1.0 to 1.4 average STBs per household; 15% churn; only $1per card distribution cost; total card swap logistics and support cost of only $5 per card; wastage factor of 5% of old cards (not deployed at swap time); $2.5 STB royalty; $0.25 to $1 per sub head-end licence fee based on volume discount. No system integration costs are applied.
Smart Card Deployment
Each smart card typically costs from $7 to $15 (or more) depending on the complexity and quantities ordered with a margin of $5 to $10 profit for the CA vendor. They will need to be ordered in advance and usually part paid in advance in batches.
The logistics costs of deployment, such as mailing, storage and handling are in addition to the card costs. The cards must be shipped securely to ensure they arrive at the subscriber undamaged and then managed securely so that they do not get “lost” to pirates. If agents or installation engineers carry stocks
then another layer of secure management and logistics has to be implemented. The direct charges can be large and in small volumes probably as much as the initial purchase cost. The indirect costs such as management time need also to be considered. A level of replacement stock will need to be held to cover cards lost or damaged by the subscribers themselves.
Cards in the supply chain
According to the business model used by the operator, cards may be delivered to the consumer by mail from a central source, by an installing engineer or shipped with the set-top boxes from the various manufacturers to the operator's warehouse or the retail outlet (each STB vendor would need a stock at the factory). In each case there needs to be sufficient stocks at appropriate points in the delivery chain to ensure that demand is met for immediate customer/subscriber provision. All the cards in the chain incur a cost and tie up capital long before revenues are received from the subscriber.
Cards must be handled, tracked and stored securely at all points in the chain to prevent losses and subsequent piracy threats.
A smart card change introduces considerable logistical challenges and costs in recovering cards from multiple locations in the distribution chain, replacing with new cards and updating set-top box software as required.
One effect of subscribers cancelling their subscription (churn) can be to waste the associated smart cards, which must be disabled or collected and reprocessed. We see churn rates as high as 25% per annum in some countries and the lowest run at around 10% per annum. In effect the operator pays the costs of up to 25% more cards than paying subscribers. So while churn is very bad for the operator it is very good for the card supplier's business
Card Swap Out
The need to swap the entire population of smart cards can be triggered by the need to beat piracy or the need to upgrade functionality for the launch of new services. Obviously operators try to keep the card in the field for as long as possible but experience shows that no card lasts longer than 5 years and 3 years is more common. The costs associated with swap-out are substantial. In a recent article the DTV Smart Card and Security product Manager at Nagravision was quoted as saying,
“…while operator replacement of existing technology ranges from $15 to $25 per subscriber to replace the security device (i.e. smart card), neglecting any headend or set-top box upgrades, integration costs and other non-recurring expenses.”
The break down of costs can be categorised as follows: -
(a) New card cost of $7 to $15 each may be paid up front, pre-paid as part of a monthly per subscriber fee over many months/years or a mixture of the two.7
(b) Delivery and logistics costs such as secure mailing and packaging.
(c) Systems/data management/IT costs. The subscriber management system data must be synchronised with the new card data at an individual subscriber record level. It helps if the SMS system is designed to accommodate card swaps.
(d) Customer Service costs. Experience shows that calls to the customer support centre rise substantially during a card swap. These may be costed in a variety of ways depending on whether the call centre is outsourced or in-house.
(e) Lost revenue opportunity if new services have to be delayed pending card swap out.
(f) Set-top box qualification and upgrade costs. All models, versions and variants of set-top boxes in the field need to be thoroughly tested and qualified with the new smart card. Despite this, a proportion of consumers' set-top boxes may still fail following a card change requiring field recovery and replacement or upgrade.
Operators do not publish the costs of swap out but our own experience is that larger operators may budget up to three times the card cost or more.
Billing, Customer Management and other Business Applications
The Billing, Customer Management and Provisioning systems may have to be adapted to cope with smart card records as the customer identifier. If engineers or agents carry stocks of cards these have to be tracked and accounted for. The systems may also need to be able to deal with a total card swap, updating the new card identity in the customer management records and this functionality has to be designed into the system with no practical experience of ever doing a card swap.
Set-top box related costs
The cost of the set-top box is critical to most Pay-TV operators. The CA system used can influence those costs in several ways.
A choice of competitive set-top box vendors is essential to drive costs down, ensure innovation and guarantee a ready supply to meet demand. Set-top box vendors need to continually develop and update their products with latest lowest cost component solutions to ensure continued cost reductions over time. The smart card CA vendors licence their technology to many STB vendors thus allowing competition to drive the price down. It is not unusual to have 10 or more STB suppliers bidding for business at a large Pay-TV operator.
The embedded CA suppliers are STB manufacturers themselves and have licensed their hardware technology to few other competitors so far. Once a single vendor has exclusive supply contract then there is little incentive to drop the price.
The Common Interface (European/DVB) and OpenCas POD (USA) specifications are designed to make it possible to manufacture standard STBs and add a CA module later. However, this adds in excess of $20 per box when CA is deployed because of the hardware involved. When a STB target price is way under $100 that's too big a premium to pay for most operators.
The component cost of the CA element is also important. Embedded CA suppliers claim they can be cheaper because they don't need a $10 smart card. However, they do need an embedded security module. The cost of the modules is not published but anecdotal evidence suggests prices much higher than a smart card.
Even though the smart card is a removable device each different smart card CA system has elements to be integrated and tested in each new STB model. So for instance, the set-top box version 1 for a cable operator using CA from vendor “A” needs another technical integration and test for version 2. The same box using CA from vendor “B” is a slightly different model even though the rest of the specification is similar and so needs yet another integration and test effort.
The smart card CA vendors usually licence their software on a per set-top box basis and charge royalties to the set-top box manufacturers of around 2 to 5 dollars per box. These royalties can add two or three times that price to a box because of margins and import duties in some countries.
During the manufacturing process the STB manufacturer has to set up a production line for each model and it is only economic to manufacture in certain batch sizes and to order. That means it is not easy for an operator to buy small numbers of set-top boxes, unless they accept a specification and “standard” CA system which is being made for another operator whose CA needs may be different. And inevitably, if the other platform is hacked then so are they. For cable and DSL operators this can tie up cash and/or incur substantial finance costs for STBs that may sit in a warehouse for a long time before earning revenue.
So open licensing of the CA system and a move away from hardware integrations for CA can help reduce the costs of the set top boxes substantially over the life of the system.
Revenue Protection Activities
A card swap is the last resort if the system is hacked. In any case a new card can take over a year to design and deploy and systems are usually designed with an arsenal of counter measures designed to defeat or discourage hackers and keep the card in place as long as possible. These activities may include key changes and other software downloads. There are costs of researching the hack activities and technologies and developing the countermeasures that must be included in the cost of service somewhere. The operator will hopefully have a contract which makes the CA vendor responsible for these activities for at least the first year or two of a card's life but not indefinitely.
There are also the costs of the intelligence and legal battles to counter pirates. These activities are well documented over the last few years for Satellite Pay- TV operators in the USA and others in Europe. Many CA systems use the same card for every operator so the cost of these activities is shared across many platforms. This reduces cost but the larger potential market is more attractive to the hackers and so some operators are willing to pay for their own, unique smart card design.
Revenue Losses Due to Piracy
The idea of using smart cards was to overcome a weakness of embedded security systems. Once an embedded system is hacked then the whole set top box population may have to be replaced at a huge cost that is impractical. Interestingly the largest of the embedded CA suppliers allows for a smart card to be introduced when the embedded system is hacked. When the analog cable systems in the USA were hacked the only real countermeasure employed was legal activity and piracy was rife for years. The same designs were used in UK analog cable where piracy was rife and the operators bore the lost revenues instead of the cost of repair.
The most effective conditional access system is the one that maximises the operator's profits, so clearly there is a balance of how much to spend to stem any losses, enable the content marketing models and achieve the maximum amount of revenue.
Consider some possible scenarios:
(a) Catastrophic hack
A low cost pirate smart card is launched into a market where STBs are freely available, supplied through retailers.
One of the ironies of the smart card is that while it makes it more cost effective for the operator to change the CA system to defeat a hack it is also an ideal, low cost vehicle for the pirates to distribute their hack.
All revenue from users of the pirate card is lost. It is likely that the operator will not be aware of the hack until the numbers are significant and a substantial monthly loss is already occurring, especially if their subscriber numbers are growing anyway so that the lost revenue effect is masked.
According to Jean Grenier, President of AEPOC10, “in Italy there were two million pirate viewers [of the Tele+ DTH system] before the change of smart cards”11. The hack had been in the market for such a long time that pirate viewer number exceeded legal viewers!
In Italy, if the pirate viewers were only stealing the 13 Euros per month basic package of services (the premium service costs more) then the total losses were a staggering 26 million euros per month and it was hacked for over a year. If it is only a 1 per cent of that number it is still significant!
Maybe the users of pirate cards wouldn't all sign up for the legal service but François Carayol, Vice President of Thomson's digital video software solution division and Chairman and CEO CANAL+ TECHNOLOGIES (early 2003) said that 550,000 pirate subscribers signed up for the service once the card was swapped. That's 7.15 Million Euros per month.12
The estimates for DIRECTV and EchoStar piracy in the USA vary but the numbers are substantial. The Carmel Group, a satellite-consulting firm in 2003 said 2.2 million Americans would steal satellite service in the year from DIRECTV compared with 720,000 from DIRECTV rival EchoStar Communications. According to an article in Forbes.com “Industry experts say piracy is costing DIRECTV $1.2 billion per year--a nice chunk of its $7.2 billion in revenue ……”!
Based on NCTA's cable piracy survey conducted in 1999, the industry (in the USA) lost an estimated $6,584,603,760 ($6.6 billion) in unrealised basic and premium revenue annually. Since they couldn't change the security system the only counter measure was to sue any pirates they caught and put them out of business.
(b) Premium Services Hack
In networks where the STB is owned and supplied on rental by the operator and particularly in broadband networks such as cable or DSL where there is also a fixed connection to the home, the operator usually cuts off the service and removes the STB if the subscription isn't paid. So the catastrophic hack described above is less likely to happen though once clone set top boxes appear the risk rises.
In this environment pirate devices may be supplied so that the subscriber pays the minimum basic subscription package and then steals any premium services such as Sports Packages or pay per View Movies. This can be hard to spot because there is no reduction in subscriber numbers, just a lower uptake of premium services.
Again, Tele+ claim that 300,000 subscribers signed up for premium services once the cards were swapped. At a conservative 10 euros per month that is another 3 million euros per month. In both of the scenarios above it is clear that the fastest possible repair of a hack is going to make a huge difference. Each month that the hack continues is a big loss (10million euros per month at least). So the time to repair a hack can be critical. Yet we have seen some smart card based systems (and embedded systems) hacked for years, let alone months. Some of the main reasons are that it takes a long time and costs a lot to develop and test new chip and smart card technology and the deployment is also costly and difficult.
It is interesting to compare BSkyB, with almost 7 million viewers. They have a smart card system from the same supplier as DIRECTv yet they have no piracy. BSkyB in May 2003 completed a complete card swap of approximately 7 million cards in a matter of a few weeks (even though the previous system was not hacked in over three years) whereas DIRECTv have not managed to swap cards so effectively and so stem the losses even though they are bearing the huge costs of buying over 10 million cards. There are many logistical and technical reasons for the differences and many differences in the two markets but the financial effects are clear.It seems that the pirates always have the new system in the USA hacked before the change over is completed so they have a huge continuous market to encourage the pirates. If they could change their system very quickly and regularly, then the pirates would find it far less cost effective to develop a hack.
So apart from preventing any loss for as long as possible, time to repair is vital and proactive changes could make piracy uneconomic in the first place.
Smaller Operators vs. Large Operators
Pirates need a large potential market to make hacking economically viable. The large operators generate very large revenues and can invest huge amounts in their security strategy. If many small operators use the same system then together they will create a market that is large enough for pirates to attack. A sort of Domino Effect is created where as one system is hacked all the other small systems fall to the pirates as well.
The costs of swap can be disproportionate for a small operator. If small operators could have unique systems that can be easily changed then they would be far less likely to be piracy targets and reduce their cost of security accordingly.