Originally featured on BroadcastEngineering.com
EBU aims to end dependence on Facebook for OTT authentication
The European Broadcasting Union (EBU) is developing a cross-platform authentication system to free broadcasters from dependence on popular Web services like Facebook and Google for authenticating users accessing online services. The work is being carried out by the EBU’s newly set up Cross-Platform Authentication (CPA) project group chaired by Sean O’Halpin, lead engineer at the BBC’s R&D Internet research and future services unit.
According to the EBU, the group will develop “an alternative to proprietary single sign-on systems that already exist,” referring to Facebook, Google, Yahoo and one or two other Web services that are often used as sources of authentication because of their popularity and the fact that they already have stored credentials of most users likely to access the desired online video platform. Authentication has been a sticking point for broadcasters deploying online services, especially if they want to start charging for access when they have previously been free to air. They lack a relationship with the subscriber, and to date have taken the easy option of hooking into existing authentication systems from the likes of Facebook. Noting that nearly all these services are U.S.-owned, European broadcasters have felt increasingly uneasy about relying on them for authentication, which is then under their control. Such fears have been stoked by the Edward Snowden revelations and associated reports that the U.S. accessed personal data on non-U.S. citizens from leading Internet companies. The EBU makes no reference to that affair, but emphasized that broadcasters would be much better off having an independent solution that is not under the control of any commercial company.
Ironically the EBU’s emerging cross-platform authentication system will be based on the same underlying protocol that most of these Web services providers, including Google and Facebook, are using. This is called OAuth 2.0, the second iteration of the standard OAuth protocol designed to simplify deployment of authentication on a range of clients connected to IP services. The EBU wants to extend that to meet the specific needs of broadcasters and make it easier to support all the target platforms, then feed the protocol back into the OAuth standardization process. So Facebook and Google may end up deploying the EBU’s extensions themselves.