Conditional access systems are generally used to provide conditional access to services like premium content. The content is scrambled and a smartcard is used to conditionally allow a terminal to descramble the scrambled content. The smart-card allows descrambling of the content by transmitting control words (CW) needed for descrambling to the terminal.
The smartcard is generally a separate card which is to be inserted into the terminal before operation. Alternatively the smartcard can be a surface mounted device (SMD) integrated into the terminal.
The terminal is e.g. a set-top box, PVR or a mobile phone. A user interface comprising output means such as a display and possibly input means such as a key-board can be connected to the terminal. A television e.g. can be connected to the set-top box for displaying the descrambled content. Alternatively the user interface is integrated into the terminal. A mobile phone e.g. is equipped with a display and keypad or keyboard and can be used to display descrambled content on the display and receive user input through the keypad/keyboard.
The terminal has a receiver for receiving data comprising scrambled content, entitlement management messages (EMM) and encrypted entitlement control messages (ECM). The EMM is a data unit that provides general information about the subscriber and the status of the subscription. The ECM is a data unit that contains the CW needed for decrypting the scrambled content.
A filter in the terminal filters the EMM and ECM from the data and a conditional access client (CA client) in the terminal receives the EMM and ECM from the filter. The CA client processes the EMM and ECM and, depending on the content of the EMM and ECM, transmits a first status code to the smartcard.
The smartcard analyses the first status code and responds to the CA client with a second status code if descrambling of the content cannot be allowed based on the first status code. Alternatively the smartcard decrypts the ECM to obtain the CW and transmits the CW to the CA client if descrambling of the content is allowed based on the first status code.
In known conditional access systems, user interaction functionality is implemented in the CA client. If the EMM or second status code indicates that user interaction is required, e.g. because a PIN-code, confirmation, payment or content selection is required before allowing descrambling of the content, the CA client generates a message which is transmitted to the output means of the user interface. Through the input means of the user interface the end-user responds to the message and the response is processed by the CA client. Depending on the response a third status code is transmitted to the smartcard and the smartcard responds as described for the first status code and second status code.
In modern terminals parts of the CA client are implemented as firmware stored on a field re-programmable ROM or flash memory. The firmware is upgradable by downloading new firmware. The new firmware is e.g. downloaded from an external server using a web browser in the terminal, using over-the-air (OTA) provisioning techniques in case of mobile phones, or provided to the terminal through e.g. a Bluetooth interface.
In older terminals, for which the installed-base is much higher, CA client functionality is not upgradable as it is implemented in ROM.
Parts of the functionality of the smartcard can be implemented as firmware stored in a memory. This firmware can be upgraded by providing a new firmware to the CA client transmitted in EMMs, or using over-the-air (OTA) provisioning techniques in case of mobile phones, and starting an upgrade procedure in the CA client to provide the new firmware to the smartcard. Alternatively the smartcard can be replaced by a new smartcard.
A drawback of known conditional access systems is that conditional access functionality is split between CA client and smartcard. Consequently adding functionality to an existing conditional access system disadvantageously requires both the CA client and the smartcard to be upgraded. User interaction functionality in the CA client needs to be upgraded by the end-user or by the service provider in control of the terminal, while the smartcard needs to be upgraded by the smartcard provider. When using older terminals the CA client cannot be upgraded. Adding functionality to new conditional access systems disadvantageously requires close cooperation between the terminal vendor and the smartcard vendor to align CA client functionality and possibly user interface aspects with smartcard functionality.
Another drawback results from conditional access functionality being generally conditional access system specific. This requires terminal vendors to manufacture conditional access system specific terminals.