How Drumlin Offline Digital Rights Management (DRM) Security Works

  • User experience: The steps for an end user are very simple - they install a free Javelin PDF reader on their device; they download and open the secure PDF file you send them; and they enter an authorization code for that file that and if the code is OK the file will be opened, just like any other full function PDF (i.e. with bookmarks, links, correct font and page display etc.). So for the end user it is very easy and quick - and for all tech platforms (PC, Mac, Android and iOS) this process can be largely automated making it even simpler, as discussed further below.
  • Publishing: All the publisher has to do use our free DrumlinPublisher software to encrypt their PDFs. The encrypted secure PDFs can then be distributed to as many end users as required. The publisher simply issues a separate authorization code for that file to each end user when they order the material or are sent it as part of a training course, private document distribution, subscription newsletter service etc.. Special facilities exist to allow codes to be used on multiple devices if required, and/or by multiple end users, and optionally on multiple documents. More details are provided below and on our other web pages, including our Frequently Asked Questions (FAQs) page.
  • Authorization codes: The Drumlin DRM security service works using authorization codes rather than complex user management systems. This makes the service and software extremely fast and easy to use, and also is ideal for fully automated management of document security, for example for ebook sales and training courseware. Other authorization options are also available (license files, pre-authorized files, automated authorization etc.)
  • Encrypted PDF files: A secured PDF is a standard PDF file that has been encrypted using our free DrumlinPublisher software (the encrypted file will have a .drmz file extension in most cases). These special encrypted PDFs can only be viewed using our free Javelin PDF readers, which are available for all the major technology platforms. In order to be permitted to view this special type of PDF file it needs to be authorized (enabled for viewing and/or printing) on the user's device (e.g. their PC, Mac, tablet or mobile phone). This is carried out by the end user by opening the secure file using our Javelin software and then entering a valid authorization code for that file when prompted by our PDF reader software. Each authorization code is typically unique and has a usage count, as described below. When a user tries to open the drmz file you have provided on their device, the Javelin software asks them for a code for that document (i.e. they need to get this from you and you generate the codes for your own files using our free DrumlinPublisher software).
  • Example: Let us suppose that the code you provide them is abc123def and this code is valid for and PDF document you have encrypted (published, with DRM server-generated documentID 345632 and the code is set to allow 1 usage. The customer enters the code and it is checked over the internet on our DRM server - this takes around 1 second. If it is a valid code for that file (documentID) AND has a usage count greater than 0 and has not reached its expiry date, our DRM system will tell the local device to allow the file to be viewed, and this will be remembered on that device so the code is not needed again to view the file - this enables the document to be viewed offline (i.e. without an internet connection). On our DRM server the usage count for that code is reduced from 1 to 0. Now if the end user sends the file plus the instructions and the code to someone else, it will not work because the code has been used - and it will tell you that this has occurred with the details (including the code, IPaddress, document, date, time, device details etc.) of the attempt to access the file, so tracking of valid use and attempted invalid use is available to you immediately. You create the codes using the Codes tab on the DrumlinPublisher software (service subscribers only) and the activity tracking and related features are provided via this tab also.
  • Some more things it is useful to know:
    • (i) the secured PDF is not decrypted when authorization takes place - it remains encrypted and secure. It is the device that is enabled to view the file, rather than the file being decrypted or the end user being separately enabled for that file on that device or our DRM server
    • (ii) secured PDFs can (and should ideally) include a dynamic watermark, so that the end user and their device etc. is identified if they make a screen shot of a page - on many devices screen shot support is provided in the hardware so cannot be prevented, and watermarking is an extra form of protection again possible abuse of your copyrighted material
    • (iii) with the secure offline service it is possible to provide printable files, with more extensive dynamic watermarking, plus additional controls to prevent printing to non-physical devices and limits on the number of copies printed. This applies to secured files delivered to desktop/laptops only - for security and practical reasons printing is not supported for mobiles and tablet devices
    • (iv) because a unique code is normally issued to one user for one particular document, the user is determined by the code they receive without needing to have end user registration. This makes meeting GDPR requirements very straightforward and also allows such codes to be disabled if required (e.g. if there is evidence of abuse, non-payment etc.). Again, this is a feature of all current versions of our Javelin3 readers and the DrumlinPublisher software
    • (v) for Corporate users with PCs, there is an option to provide License files for authorization, where license files are specific to the user AND device. This facility is available although not widely used as it requires more service management than the authorization code approach
    • (vi) secure (encrypted) PDF files can be created that do not require any authorization - such files may be copied and opened by any user with a Javelin PDF reader but the protection against copying of the content, print security and date expiry all remain provided. This is ideal for time expiring files where the use of a central DRM service is not desirable or maybe not possible due to internet access restrictions
    • (vii) "personalized" secure (encrypted) PDF files can be created that have a unique filename and watermark, Lists of end users can be read in order to create a series of personalized secure PDFs from a single source PDF, together with authorization codes for each individual
    • (viii) creation of secured files and authorization codes is managed using the free DrumlinPublisher software. This provides for single or multiple secure file creation, and may be used interactively or in batch mode (from a command line)
    • (ix) for selected platforms (currently for Android only) the delivery of the item (e.g. ebook) and code, can be automated via a website link. A test/sample page illustrating this facility is provided here. The facility uses so-called "deep links" for app-to-website integration. A sample entry on a website might look like this:
      "https://www.drumlinsecurity.co.uk/docs/?docurl=https://www.drumlinsecurity.co.uk/ipad/alice.drmz&par01=abcabcabc&par02=0" where the ?docurl= part specifies where the secure file is located and parameter 1 (par01) specifies the optional authorization code to use, and par02 is not used at present. If the link is clicked on an unsuitable device the user is routed to a "catchall" page

See here for step-by-step instructions and useful links