U.S. Operators Should Get Smarter About Smart Cards

The following is in response to technology analyst Leslie Ellis’s “Translation Please” column, which appeared in the Dec. 6, 2004 Broadband Week section.

To the Editor:

I read the December 6 Multichannel News article, “As 2006 Gets Closer, Security Moves Onto To-Do Lists” with great interest and some puzzlement. If I were an outside observer to the situation, my first question would be, “Why did the FCC mandate plug-and-play in the first place?” The second question is, “Why has the cable industry been singled out by the FCC to develop a new system, and satellite gets a pass?”

As industry veterans we all know there is a good explanation: Satellite operators successfully demonstrated to the commission that consumers have a viable retail alternative when choosing satellite, and cable did not — and it still doesn’t. The primary issue, as pointed out in the article, is removable conditional access. Motorola Inc. and Scientific-Atlanta Inc. cleverly developed embedded conditional-access systems, and now the FCC [Federal Communications Commission] has brokered a shotgun wedding between cable and the consumer-electronics industry to force a solution.

As a result, both are spending significant amounts of time, effort, and money to find a “work-around.” This is a “work-around” to a problem that ultimately results in cable being less cost-efficient in an increasingly aggressive environment. Our worldwide experience clearly indicates that U.S. cable MSOs have the highest digital set-top cost in the world.

The MSO community in the United States, with few exceptions, stands alone from the world’s video-entertainment suppliers because it chooses not to deploy the DVB Simulcrypt standard. DVB (the Digital Video Broadcasting Group), in association with the International Organization for Standardization (Ref: ISO-7816 standard), defines smart-card standards, provides hardware-based conditional-access protection in a flexible and replaceable form factor, and at a fraction of the cost of DVB-CIM (Common Information Model) or CableCARD solutions. Additionally, the use of a smart card-based CA system, in most cases, does not require the introduction of a new generation of set-top devices.

Most set-top boxes already include smart card slots. Case in point: Cablevision Systems Corp. of Long Island deployed S-A set-top boxes using PowerKey, and switched over — on the fly — to NDS VideoGuard by performing code-drop onto boxes in consumer homes from the headend. Again, I scratch my head: Why the reluctance on the part of the MSO to at least give an alternative approach a “credible evaluation”?

The primary objection I typically get from MSOs is: “Smart cards are not secure. Just look at how successful the hackers have been in compromising satellite!” True, hackers have been successful in some systems, though certainly not all.

But you have to dig into the details, appreciate the advantages of cable networks over satellite, and understand that encryption technology has improved enormously over the last decade. Operators surprisingly discount their own bidirectional capability, their ability to authorize and audit. In other words, “trust but verify.”

The second argument I get is that “It’s just too complicated.” I will not trivialize the integration issues, but it has not been too complicated for the rest of the world, Cablevision or RCN Corp. — they have managed to do it successfully. And by the way, who said plug-and-play was going to be easy?

The other reason that the cable industry has been reluctant to take a more earnest look at renewable conditional-access alternatives, I suggest, is probably the most disappointing. It may simply be due to the “not invented here” mindset. This entire effort to be more “cable” and not “satellite” has taken on a life of its own.

To meet the plug-and-play mandate, large engineering programs have been launched, trade organizations formed, outside consultants hired, and many participants have frankly put their careers on the line. It appears to me at times the cable engineering community is caught up in this cyclone that just keeps getting bigger, more complicated, and making slow and painful progress. I suggest much of that time be better spent on OCAP [OpenCable Applications Platform], OnRAMP, Internet protocol, and DSG [Data Over Cable Service Interface Specification set-top gateway] initiatives.

To play off your “dominant hand” metaphor, I think the cable industry can be, and should be, ambidextrous. By introducing non-proprietary headend hardware from companies such as Harmonic Inc., BigBand Networks Inc., Cisco Systems Inc., Sony Corp. (Passage), Terayon Communication Systems Inc. and Scopus, the cable industry could solve its FCC problem, dramatically lower its overall set-top expense through competition, and have a credible retail strategy — causing little, if any, change in currently deployed set-top boxes. In other words, implement a proven success, and move on.

Obtaining those milestones would avoid the unproductive “sparring with the CE industry” which is referenced in the article. Their business objectives are widely divergent from those of the cable operators, and the industry may otherwise find itself in the uncomfortable position of having to defend itself repeatedly before the FCC. At the end of the day, cable will be the fall guy if plug-and-play is not successful. Regrettably, as the 2006 deadline looms closer, who will be in a position to drive the best deal — cable operators or the CE guys?

Stan Sands

Corporate VP of Sales NDS Group plc