Best daily deals

Links on Android Authority may earn us a commission. Learn more.

What is Widevine digital rights management (DRM) and why does it matter?

The Widevine DRM suite is used to check whether your smartphone or laptop is able to stream HD content.
By
May 14, 2022
samsung galaxy s22 netflix app
Ryan Haines / Android Authority

A number of video services like Disney Plus, Netflix, and Prime Video don’t allow some smartphones to stream movies or TV shows at resolutions higher than 480p. The reason for the lockout is that these services are protected by digital rights management (DRM), to prevent the copying and unauthorized redistribution of these video files.

To trust that Android smartphones and many other devices are secure from piracy, these popular streaming services make use of Google’s Widevine DRM platform. As one of the industry’s oldest DRM services, it’s estimated to be installed on some 4 billion devices around the world.

Here’s what you need to know about Widevine and how it works.

How does Widevine work?

Widevine implements a selection of industry standards to protect content as it’s transferred over the internet and played back on devices. For a quick overview, it makes use of a combination of CENC encryption, licensing key exchange, and adaptive streaming quality to manage and send video to users. The idea is to simplify the amount of work on the service provider’s end, by supporting multiple levels of streaming quality based on the security capabilities of the receiving device.

To achieve this, Widevine protects content across three levels of security, simply named L3, L2, and L1. Your device will need to be certified to meet the full L1 specification if you want to stream HD and HDR content from services like Netflix.

ARM TrustZone technology within Cortex-A based application processors is commonly used to run trusted boot and a trusted OS to create a Trusted Execution Environment (TEE), which separates DRM and other processes from potentially exploitable applications.

To meet security Level 1, all content processing, cryptography, and control must be performed within the Trusted Execution Environment (TEE) of the device’s processor. This is to prevent external tampering and copying of the media file. All ARM Cortex-A processors implement TrustZone technology, creating a hardware separation that allows a trusted OS (such as Android) to create a TEE for DRM, and other secure applications.

Security Level 2 only requires that cryptography, but not video processing, be carried out inside the TEE. L3 applies either when the device doesn’t have a TEE or when processing is done outside of it. However, appropriate measures must still be taken to protect cryptography within the host operating system.

How Widevine is implemented

Android devices support either L1 or L3 security levels, depending on hardware and software implementations, as does Chrome OS. Chrome on desktops will only ever support L3 at maximum. If your device is only L3-compliant, you’re capped at sub-HD resolutions. Only L1 secure devices with processing taking place entirely in the TEE can playback HD or higher quality content from Widevine secured services.

Perhaps one of the most important points to note about Widevine is that it doesn’t charge a license fee in order to implement its protection technology. So there’s no financial reason why some smartphones are missing out.

Widevine doesn't charge a license fee. Instead, hardware manufacturers only need to pass a certification process.

Instead, hardware manufacturers need to pass a certification process. This includes the completion of various legal agreements, implementation of some software libraries, and client integration testing to verify support, among other steps. Apparently, this process is designed to be streamlined for easy adoption. Nearly all chipsets used for Android smartphones support the necessary technologies. So if a particular smartphone isn’t compatible, it’s only because that manufacturer didn’t complete testing. Fortunately, it seems that it’s possible for smartphone OEMs to address any lack of compliance after release.

In January 2019, Security researcher David Buchanan claimed on Twitter that he managed to break the DRM on Widevine L3. It’s not clear if he has disclosed this reported issue to Google, and there’s been no word from the company on if it has fixed this DRM flaw.

Can my device stream HD content?

Unfortunately, you won’t find information about DRM conformity on many specification sheets, so knowing before purchasing a new phone is difficult. Most smartphones, especially in the flagship tier, will allow for HD streaming from Widevine-powered services, even if the smartphone is a few generations old. Technically, all Android smartphones can support L1 Widevine security, but implementation mileage may vary with lower-cost smartphones that may skimp on testing times.

If you want to check that your particular handset is compatible with Winevine, along with other popular DRM services, you can check out your smartphone’s level of support with apps like DRM Info, which is free to download from the Play Store. Simply scroll down to the Google Widevine DRM section and check what Security Level your device supports, just like in the image above.

Widevine support is often not quoted on spec sheets, so you'll have to rely on reviews to know if HD streaming will work or not.

In addition, Netflix has posted a constantly updated list of Android smartphones and tablets that are able to stream its movies and TV shows in HD resolution. The list also includes the chipsets from Qualcomm and Samsung that are capable of streaming Netflix videos in HD.

Further reading: What are video codecs and why do they matter?