There are ample video hosting platforms available on the internet. Choosing a video hosting platform is a critical decision as it should go hand in hand with your long-term hosting requirements, alongside taking utmost care of security breaches for copyrighted content.

The video hosting platform that we have been using for one of our web apps is Wistia.

Why did we choose Wistia for our Web App?

  • Embeds seamlessly in any website
  • Ensures data security through domain restrictions
  • Provides in-video forms
  • Customizable video controls, and much more.

What's the challenge to use it in Mobile Apps?

The challenge came in when we wanted to extend the usage of these domain-restricted videos from websites to the native mobile apps in Android and iOS. Here's what Wistia says about providing mobile support:

Most mobile devices only support HTML5 playback, which is Wistia’s default for mobile. This includes Android phones and tablets (4.1 and up), and iOS devices like iPhones and iPads.

This means that Wistia does not allow us to play domain-restricted videos on the native players, namely ExoPlayer and AVPlayer in Android and iOS respectively. Rather, it recommends the usage of WebViews and standard embed code to include it in an app.

Note: Videos that aren't domain-restricted can play on native mobile players.

Domain-restricted or not, would our content be secure on mobile devices?

The answer is No. Why? Because if we fetched the Media Link through Wistia API, still the content is not 100% secure. Our access token gets exposed in any network analyzer tool like Wireshark as shown below:

Network Analysis using Wireshark

How do we overcome this?

1. Other hosting sites that provide Mobile support

We explored Vimeo as an alternative to Wistia. Their video links are integrable and playable in mobile native players. They have an easy way to access these links from their UI through Advanced -> Distribution -> Video File Links. They provide extensive API support too.

Even though Vimeo provides direct support for mobile apps, the only drawback was that their video URLs were getting exposed in Wireshark. This looks like a content security breach for the mobile app! Hence Wistia and Vimeo aren't the best possible solutions to securely host subscription-related content.

2.  interOp using Wistia

Considering the solution of using HTML5 playback as stated by Wistia, we thought of embedding a Webview. This webpage would have a Wistia Player with 100% width and height. For authentication purposes, a one-time-use auth token can be provided to this webpage without which the video will not play. This was ideal as it used Wistia hosted domain-restricted videos and tokens were not reusable. So even if the links were exposed, content wouldn't be accessible.

The major drawback is that through this we won't be able to provide users a native feel of the mobile app.

3.  DRM alongside hosting sites

Digital Rights Management, or DRM, is the best solution to the content security breach for web and mobile. It is a mechanism provided by many video hosting sites, such as Azure Media Services, Kaltura, to provide an added layer of security to the video content. Native players play the content. This is the most widely used mechanism by OTT platforms today. It is through this mechanism that offline download is possible within mobile apps nowadays. Even though these media are easily downloaded onto any device, but they aren't shareable. This ensures the security of copyrighted content.

Hope this blog makes you aware of some of the widely used video hosting platforms so that you can choose one wisely by knowing the pros and cons beforehand.