Securing Content with Digital Rights Management (DRM) in Spotify-like app: A Technical Overview


In the realm of digital content distribution, protecting copyrighted material is paramount. Digital Rights Management (DRM) is a robust technology to safeguard content from unauthorised access and distribution. This article explores the implementation of DRM in this mobile application that was developed for a community to share music, like Spotify.

Use Case:

This music application caters to a closed community. It offers both free and paid access to user-generated music content. DRM integration ensures the protection of copyrighted works shared on its platform, preventing unauthorised access, copying, or distribution of the content.


The primary objective of implementing DRM in this music app is to safeguard copyrighted material from unauthorised use or distribution. By leveraging DRM technology, This app aims to provide a secure platform for content creators within the community, protecting their intellectual property rights and ensuring fair usage of their works.

Technologies Used:

  • EZDrm: A third-party service utilised for DRM protection, providing essential functions for encrypting and protecting content.
  • OutSystems: A low-code development platform used for building the front end of this music application.
  • JavaScript: Used for integrating the Shaka player, a JavaScript library for playing DRM-protected content.
  • Widevine is a proprietary DRM technology developed by Google that encrypts and decrypts content within the Chrome browser.
  • Amazon AWS: Utilised for server-side encryption and secure content delivery, employing techniques such as cookies and Time-based One-Time Passwords (TOTP) for access control.

Ensuring Content Protection

The main feature of this music app’s DRM integration is its ability to protect copyrighted material shared on the platform. By encrypting content and enforcing access control mechanisms, The app safeguards the intellectual property rights of content creators, thereby fostering a trusted and secure environment for content distribution within the community.

Challenges Encountered:

Integrating DRM into this music app posed complex challenges that demanded innovative solutions. One major hurdle was enabling offline playback within Android WebView, which lacked support for persistent licenses. Addressing this, the team delved into DRM protocols and encryption methods to devise a workaround. Their solution leveraged asymmetric encryption to securely store content locally on users’ devices, ensuring access to protected content offline.

Ensuring the security of offline content storage presented further complexities. Robust encryption algorithms and access control mechanisms were implemented to safeguard content from unauthorised access or tampering. Seamless integration between the customer services, content delivery network, and client-side application components proved challenging. The team navigated these obstacles through collaborative efforts and creative problem-solving, resulting in a robust and secure implementation of this music application.

Overcoming the challenges of DRM integration in this music app required multi-disciplinary technical expertise and perseverance. By surmounting these obstacles, the team ensured seamless offline playback and strengthened the platform’s security. The providers of this music application are dedicated to providing a secure and user-centric digital content experience exemplified by successfully resolving these challenges, underscoring their commitment to excellence in content protection and user satisfaction.


The integration of DRM technology in this music application represents a crucial step towards ensuring the security and integrity of digital content within the community. By leveraging DRM capabilities, this application provides content creators with peace of mind, knowing their works are protected against unauthorised use or distribution. Moving forward, ongoing testing and refinement of DRM implementation will further enhance the platform’s security and usability, reaffirming application managers’ commitment to promoting a fair and secure environment for content sharing and consumption.

How is this different, and why does it matter?

With an annual budget of hundreds of millions of dollars to maintain its features, Spotify leads the pack in digital music streaming. However, our team of experts has achieved the core comparable functionality with significantly reduced time and low costs. Despite the challenges posed by DRM, security, and offline capabilities, our agile squad of ‘ninja engineers’ has showcased their ability to deliver cutting-edge solutions efficiently. This contrast in approach underscores the significance of innovative and cost-effective solutions in the tech industry: with low code, you need a fraction of the spend compared to traditional coding, and you can deliver mission-critical systems on a tight budget.

Author: Pedro Neto, OutSystems Developer