The announcement that Adobe and Barnes & Noble are collaborating to further standardize eBook technology is an advancement for open, interoperable eBooks. As part of this collaboration, Barnes & Noble announced it is adopting the open EPUB eBook Format, PDF and Adobe Content Server as the basis of its eBook distribution—including on nook, the Barnes & Noble eBook reader.
This FAQ is based on current available information and addresses customer questions about the announcement.
Q: Will the first release of the Barnes & Noble nook support PDF and EPUB content protected by Content Server?
A: Yes. Content protected by Content Server that is distributed by retailers and libraries can be transferred to the Barnes & Noble nook reading device via Adobe Digital Editions or other “side loading” options.
Q: What is the new social content protection technology that Adobe will be delivering in its solutions, and how does it relate to today's eReader DRM?
A: Adobe is adding support to its digital publishing solutions for a new, password-based content protection option for EPUB. This new feature will be part of the Adobe solution and encompasses technology licensed from Barnes & Noble. From an end-user perspective, this password protection option will function similar to the way that today's eReader DRM works with the eReader PDB format. For example, an EPUB file protected with this option will require the user to enter an ID and password the first time they wish to access the content. Distributors using this system may choose to make the password something that a user is reluctant to share with others, such as the billing name and number of the credit card used to purchase the content (as is done in today's eReader model), but this will not be a requirement of the password-protection option itself.
Q: Will there now be two different content protection solutions for EPUB content?
A: Definitely not. A major reason we joined forces was to avoid fragmentation of multiple content protection technologies for EPUB. Content Server will simply have two options for protecting EPUB content: identity-based authorization and ID and password-based authorization. The DRM infrastructure—both in the Reader Mobile SDK and in Content Server—is the same, and the changes for Content Server and enhanced RMSDK customers to enable the password-protected option will be minor. From an end-user perspective, some content may now require a password the first time it is accessed on each device.
Q: Why is this new password protection model called "social" content protection technology?
A: The term "social" can be applied to a range of content protection solutions that do not associate the copying and use of content with a user’s registered “identity” with the vendor. That is, the technology involved does not strictly prevent an authorized user from sharing with other people, but provides a social disincentive to do so. Typically, this social disincentive is accomplished by making the password something a user is reluctant to share with others. Because the eReader-style password option for EPUB that Adobe is supporting does not prevent a user from sharing his/her ID and password with others, it can be considered a type of "social" protection. A user may be reluctant to share an eReader-style password, however, because it contains the billing name and credit card number used to purchase the content.
Q: Is there any difference between a user identity and an “ID and password” used in social content protection?
A: Yes. We use the term “ID and password” to refer to the strings needed to access socially protected content. The “ID” in this phrase is not tied to the strict notion of user identity, and is only regarded by Content Server as a necessary string (along with the password) to authorize the content. Conceivably, users could have multiple ID and password pairs that protect different pieces of content in their reading system. Because users can share these strings with others to provide access to content, we categorize this type of protection as “social”.
Q: Is it required that the password be a credit-card number?
A: No. The exact form of the password is decided by the Content Server operator and is not a requirement of the product. Some distributors – including Barnes & Noble – use a credit card number because it is thought to deter widespread sharing. However, a distributor must coordinate with the rights holder to determine the appropriate level of protection for the content—and whether that means using the identity or social protection option.
Q: Does the use of a credit card number as the password present any security risks or considerations for end-users?
A: The information that is stored in the protected document and cached on reading systems after encountering an ID/password pair for the first time is a non-reversible one-way hash of these strings. However, because users type these strings into a dialog prompt, they should be alert to potential malware “key logger” programs that attempt to record keystrokes and obtain sensitive information. Hence, typing a credit card number into a PC, smartphone or dedicated reading device is always something that should be approached with caution. Many users frequently type in credit card numbers to buy goods online without incident. Additionally, because the ID and password hash is cached after first use and never again requested, the risk can be considered minor.
Q: Is this Adobe's complete "social content protection" solution?
A: No. We anticipate that content distributors will want a range of content protection options, and expect to support these additional options over time. For example, some distributors are using a visible "watermark" as a type of social content protection. At present, Content Server does not support this option, but it is the type of feature under consideration in order to provide the comprehensive cross-platform solution.
Q: When will Content Server-compatible devices support this new password protection option?
A: Adobe will deliver later in 2009 an enhanced Reader Mobile SDK that, among other new features, will support the new password-based EPUB protection option. Devices that integrate this enhanced RMSDK will be compatible with EPUB content sold by the Barnes & Noble eBookstore, although the devices may require manual transfer of content until the next major version of Adobe Digital Editions is released. This compatibility may also include firmware upgrades made available for existing devices, as determined by our licensees.
Q: Will Adobe Digital Editions support the new password-based EPUB protection option?
A: Yes. The next major release of Adobe Digital Editions, expected in 2010, will be based on the enhanced Adobe Reader Mobile SDK. Among other new features, it will support the new password-based EPUB protection option.
Q: Will eBooks sold in the Barnes & Noble eBookstore be supported on existing Adobe Content Server compatible devices?
A: Not initially. Barnes & Noble is using the new password-based EPUB protection option that will require device manufacturers to use an enhanced Adobe Reader Mobile SDK. EPUB content from the Barnes & Noble eBookstore will be compatible as device manufacturers implement this upgrade. However, until the next major release of Adobe Digital Editions that supports content purchased from the Barnes & Noble eBookstore, users will be unable to use Digital Editions as a “helper application” to transfer content to compatible devices. Instead, users will need to manually transfer content to the compatible device. Note also that older, PDB content from Barnes & Noble will not be compatible with Adobe Digital Editions of RMSDK-enabled devices.
Q: When can Content Server operators utilize the new password-based EPUB protection option?
A: Adobe will deliver enhancements to Content Server during 2010 that will enable operators to protect eBooks either using the identity-based or ID and password-based authorization options.
Q: As a Content Server operator, should I plan to migrate to this new password-protected EPUB option?
A: That option is up to you, but there are several considerations to keep in mind. First, it will be some time until all Content Server compatible devices in the field support the new option. Second, publishers need to authorize you relative to what level of content protection, if any, they require. Third, there are pros and cons from an end-user perspective to both identity-based and password-based content protection approaches. Adobe's commitment is to evolve our content protection technology to meet market requirements and maximize ease-of-use for the consumer, but not to dictate a particular approach.
Q: Can you tell me when other Barnes & Noble / Fictionwise eReader software will support Content Server protected content?
A: No. In the announcement Barnes & Noble stated that PDF and EPUB are its primary formats and Content Server its content protection solution. However, the only product-specific announcements Barnes & Noble made were about nook.
Q: Will devices enabled by Adobe Reader Mobile SDK support any other formats besides PDF and EPUB?
A: No. PDF and EPUB are the open standards for final-form and adaptive publications that are rapidly being adopted industry-wide, and Adobe has no plans to enable legacy eBook formats or other file types.
Q: Can you tell me more about how Adobe is involved in nook’s LendMe™ technology Barnes & Noble announced?
A: Not at this time. However, Adobe intends that Content Server operators and RMSDK licensees who wish to support user-to-user lending, as permitted by publishers, will ultimately have a broadly available, interoperable solution.
Q: When will more details on LendMe be available?
A: Adobe will be in a position to share further information with Barnes & Noble after nook has shipped by the end of November 2009 as Barnes & Noble announced.