The two main approaches to forensic watermarking are known as one-step watermarking and two-step watermarking. The selection between one-step and two-step watermarking methods may vary from one deployment to the other and is governed by preferences to performance optimization, implementation efforts, and control over device base.
One-step watermarking is used to mark decompressed baseband video content in a single step either during the encoding process on the server or during playback in the secure video pipeline. On the distribution side, one-step watermarking requires the individualized watermarked content to be delivered to each device requesting it. Hence, it may not be suitable for a large number of recipients or customers due to scalability constraints during encoding. One-step watermarking is, therefore, usually applied on the client side where it involves communication between the conditional access (CA) and the watermarking modules (WM).
One-step watermarking typically requires access to the uncompressed video where the locations that allow for robust and invisible modifications can be identified by the embedding algorithm.
In client side integration, the uncompressed video, also known as baseband or YUV format, may be accessible during decoding in a client device. In such cases, the access should be controlled and secured. This can be done by implementing the watermark embedding algorithm in the hardware itself so that it becomes a part of the secure video pipeline. The execution of the watermark can then be controlled with different parameters, such as watermark embedding strength, an ON/OFF switch, or an embedded payload. These parameters too should be transmitted securely and handled only on client devices which can be achieved with a trusted execution environment (TEE).
A client side integration is beneficial since it provides seamless support for broadcast and live DRM protected content as the delivery content is the same and there is no delay or preparation required for watermark integration. The codec and container are also independent in this case as embedding occurs after decoding. The video watermarking information to be embedded can be taken from the client device or provided from the head end.
One-step watermarking can also be integrated within a video encoder, though this is not usually practiced. This requires a new encode for each individual file requested by the end user. Hence, it is most suitable for application in smaller batches, such as screeners or post-production.