How Our DRM Works
Our DRM Portal portal caters to eBooks and PDF documents which are
copy-protected with the added protection of DRM. To distribute documents
in copy-protected form only, you do not need to use this DRM Portal.
Only documents that are to be controlled by DRM need be registered
here. DRM manages access to documents by checking the access privileges
assigned to both the document and the user.
Adding New Documents
On your Documents page, there is a link to click to Add New Document.
The most reliable PDF conversions are created by the server-side version
of CopySafe PDF Protector. Documents created by the server are more
reliable because there is less chance of making errors with file names
and so on, especially with the URL to use as the DRM authority for the
document. It is most important that the file name that gets embedded
inside the document perfectly matches the file name stored in the
database. These files can be renamed after conversion and recording by
the server. For more information about uploading see the
Getting Started guide.
CopySafe PDF caters for documents created using standard PDF format. It
may not support features support by other proprietary readers. For
example, embedded video and 3D objects are not supported. Some special
effects that Acrobat 9 and later use for transparency and CSS style are
not supported. However all documents created in Microsoft Word and
converted to PDF using Acrobat 8 or earlier can be encrypted and
protected as perfect replicas of the original.
Watermarks, bookmarks and hyperlinks are supported. If the converted
file differs to the original, check your methods. If using Adobe
InDesign or Acrobat 9 or later, always "optimize" or "save" the document
for compatibility with Adobe Reader 8 or less. Note that Adobe products
work best with other Adobe products. This means that documents created
using Acrobat 9+ and expecially InDesign may only display properly when
viewed using the latest version of Adobe Reader.
The most reliable tools for standardized output are Microsoft Word and Adobe Acrobat 8.
As of May 2103 our DRM Portal includes new document conversion tool to
cater for Word and other other formats. These uploads can now be
converted to PDF and then encrypted as protected documents automatically
by the server. In fact, if you have doubts about the integrity of your
own PDF converter, by using our server-side PDF conversion you can be
assured of 100% compatibility.
Image Quality and Resolution
Images of poor quality, ie: over-compressed images are not recommended.
However attention should be paid to their size and resolution, otherwise
the document can end up being an unnecessarily huge download size and a
nuisance to your subscribers. . For example, a resolution of higher than
96 DPI (dots-per-inch) is wasteful as most computer monitors are only
good for 72-96 dpi. Images that come directly from cameras and scanners
can be up to 600 dpi and need down scaling. GIMP is a popular and
sophisticated image editor that you can use and it is free to download.
The overall dimensions of the image may also need some attention as
editors like Word will auto-fit an image to a page, regardless of
whether it is 800, 1000 or even 3000 pixels wide. As a rule, an image
that is roughly 800 pixels wide will fill the width of an A4 page. You
may also find that an image quality setting of 60% looks as good on a
computer as one at 100% quality but with a dramatic reduction in file
size. If in doubt 8-0% image quality always looks good and reduces file
File format is also important. GIF images do not always look as good
when the document's page has been rescaled. However JPG and PNG images
fare well. Do NOT use transparent images or any images that have
transparent backgrounds. File mode is also most important as images of
CMYK are meant for commercial printers and should not be used here or in
any wprojects used on the web. The proper image mode to use for CopySafe
PDF and other web projects is RGB.
Demo accounts are limited in file size that can be uploaded;
otherwise, there is no limit in file size. Some documents converted and
stored in this portal are 90 MB and more. While this may have been
necessary to register the document in the system, delivering that same
document from the server may not not good practice because if a user
reads it from the web, every time they open the document they have to
download it all over again. So to encourage your subscribers to read
locally, get them to download and save the document to their computer.
Most authors use our DRM Portal for subscription management only and
then advertise and sell their eBooks from their own web site and several
online eBook outlets. So if your document is huge, say 60-100 MB, then
it is not important that you have it on our server. So what some clever
authors do is create two (2) versions of their eBook that use the same
file name. The short version is uploaded to our server to register the
document in the system, and the larger full version is distributed on
disk or form a download site after purchase. That short version could
also serve as a tantalizer; a sample with excerpts taken from the full
There are different protection options available for DRM that for vanilla
copy protection. If you "copy-protect" only then your document will have
its settings embedded inside and thus not require user approval by the
DRM server. Consequently, they will be protected from all methods of
copy but nothing will prevent users from sharing.
Only by employing our DRM can you prevent users from sharing your
documents. While DRM requires that the document be registered in the DRM
database and that the user needs to be online to gain permissions to use
that document, it is actually a much more flexible method. For example,
you can vary a users permissions or change a document's settings at any
time with immediate effect, even applied to documents already saved to a
user's computer or out in wild on CD.
Unique User Identification
Unique user identification is one of the most important features of our
DRM because it enables the Administrator to assign access rights to
individuals and ensure that those rights cannot be shared. When the DRM
is applied, visitors are identified by their unique computer signature
by the DRM Portal which, after initial registration, will automatically
recognize their repeat usage. This unique user identification also
enables the system to track the usage of each visitor so that view and
print limits can be enforced, and expiration can be applied by calendar
date, number of days or even number of hours (starting from the user's
Different rules apply when DRM is applied to a document. Normally, the
expiry date is embedded inside the document and you have the option to
nominate time checks by an online time server or use the user's local
computer time. Using local time, however, can enable a user to alter
their computer time to exploit that limitation. When applying DRM to the
document, the expiry date is not embedded but is instead recorded
online, where you have more control to update it at any time. Also, if
you are dependent on online time, your expiration setting can never be
exploited. Regardless of where a user is located or where the DRM server
is located, expiration settings via DRM will always be governed by
Greenwich Mean Time (GMT), so expiry dates will always finish at
Expire By Number Of Days
As an alternative to using a set date, on which a document should
expire, authors can set the number of days instead. These days are
calculated afresh for every time a user will log in from the starting
date of a document. This option is most useful for limiting a
subscriber's usage to a document starting from the date that they first
open that document. So, even though the document may have been in
circulation for a long time, like with CD distributions, the user will
be able to access it for
n number of days from when they start using it, which could be
next year or the year after.
Expire By Number Of Hours
Authors can also set the number of hours which are calculated afresh for
every time a user will log in and use the document from the time it was
first used. This option is most useful for limiting a subscriber's usage
to a document, starting from the time that they first open that
document. Even though the document may have been in circulation for a
long time, like with CD distributions, the user will be able to access
it for n number of hours from when they start using it, which could be
any time that the Administrator assigns.
Setting a password only applies to documents that are copy-protected
only, and not for DRM. Passwords are unnecessary with DRM-protected
documents because the user's access rights are instead enforced
according to their unique computer signature.
A Group is the key to rights allocation between documents and users. All
documents need to be assigned to a group and an author may have one or
many groups, each one used for a different department or level in their
tutorial. Documents assigned to a Group become accessible to all users
under that group. Moreover, you can also nominate users from other
groups found in "Whitelist" selector in the group's settings. A
variation to this rule is possible by using eBook assignment (see eBook
The Group Whitelist can be used to add users who belong to other groups.
Any user added in a group's whitelist can access all documents belonging
to that group just as if they were a member of that group.
When converting a document for copy protection only (no DRM), the print
limitation options are simply to disallow (default setting) or to allow
printing. However, when DRM is applied to your page or document, not
only do you have the option of allowing or disallowing printing, but you
can also limit the number of prints that are allowed per user from 1 to
999,999 times. DRM print limits can be varied at any time and may apply
to "occasions" and not to the number of copies made on each occasion.
For example, if a printing limit of one (1) is applied, then each user
will have permission to send the document to the printer once after
which, they cannot print that document again on another occasion. But
once a document has been sent to the printer, it is out of the realm of
any controls and the user can then nominate to print 1 or 100 copies.
Note: When printing is allowed, the user can only send to a real
printer; they will not be able to send to a network printer because
anything seen as a "virtual" printer such as printer-drivers, that
convert files, cannot ever be allowed because it would undermine the
essence of print protection. To better understand why, printer drivers
(virtual printers) can convert your documents to PDF and these can also
convert documents to many other file formats. Unless you want to enable
users to convert your protected documents back to normal PDF, forget
about supporting virtual printers.
Warning: Normally virtual printers are not allowed because they include
printer-drivers that are used for converting files to different document
types. For example a PDF converter is a printer-driver that converts
files to PDF. Consequently, allowing a user to use virtual drivers
printers can enable them to create an unprotected version of your
Remote viewing means displaying a document on a virtual computer, while
viewing that computer's desktop from another computer. For example,
Windows, Mac and Linux computers can run other operating systems (OS) in
a partition. By installing Windows in a partition created by VMWare or
Parallels software, the media can be exposed to unprotected copying
because the software that should be preventing copy may not be running
or even installed on the computer that is making the remote connection.
This happens even while it may be running on the computer that is
displaying the media. The option to allow remote viewing is available
but it is not recommended. It may be useful for authors who are working
from Mac computers for proofreading purposes but be warned that it opens
your document to exploitation.
This option can enable a user to use Print Screen or screen capture
software to copy your document's content. The default setting is to
prevent all copy and capture.
Adding New Users
Authors can add new users to any Group that they own. Users can be added
using the main form, which can include extensive information about their
company contact details and private comments for their own internal use.
From a user's edit page, authors can make adjustment for many different
settings that govern group membership, author status and the information
that they themselves can or cannot change. Alternatively, an author can
use the "Quick Add" option, which only requires the input of an email
address. You can also add clients as eBook users (explained below).
Adding Bulk Users
This feature is available to the master administrator only. New users
can added to the DRM Portal in bulk by copy-pasting from a CSV file
20-50 rows at a time. The bare information required is Firstname,
Lastname, Email and Password. If a password is not assigned or is less
than the required minimum of 8 letters, the system will generate a
random password for the user. This form provides selection for group to
assign and the option of emailing each new user with a welcome message
containing their log-in details and instructions for installing the
CopySafe PDF Reader.
Adding eBook Users
Ebook user rights differ from Group member rights. Group members can
access all documents assigned to their Group. In contrast, eBooks are
assigned to the user, which allows one to become a member of a Group (or
several Groups). They may also have several eBooks assigned to them from
many different authors. eBooks can be assigned to a user manually or the
process can be automated from a successful online transaction such as
those that use PayPal. To add an eBook user manually from the "eBooks"
page in your control panel, click on "Add eBook user", select the eBook
and type in the individual’s email address and password. You don't have
to worry if it is an existing customer or if the user is already listed
in the database because the system will check all records and update
Note: Demo accounts are affected by automatic expiration so if you add
an eBook user who happens to already have a "demo" account, then their
status will be updated and that expiration will no longer matter. Such
users will no longer be "Demo" users and their account privileges and
indexes will be changed for accessing eBooks only.
The very first time that a user opens a protected document, the CopySafe
PDF Reader will ask them for a username and a password to register their
computer signature in the database Should they change computers at a
later date, they can always log into the system using the same username
and password to update their details.
User Document Rights
The main point to realize is that by adding users to various Groups, you
are enabling them to access any documents that have been assigned to
those groups. Users can also access any documents belonging to groups
where they are included in the whitelist for that group. Documents also
have white-lists. When a user logs into their Control panel a document
list will show them which documents have been assigned to their group.
That list may or may not include documents from other groups for which
they have been white-listed. Users can also be assigned documents
directly by using eBook assignment. Ebook assignment is a one-to-one
basis or rather, a book-to-user basis that operates independently from
all rules related to group access.
It is not possible for a user (unique computer) to be a member of more
than one group. However a user can be associated to an unlimited number
of groups and documents by adding them to their whitelist.
Multiple Computers Assigned To One
An author has the ability to allow each user to use up to three
computers with their account. The default setting is to allow one
computer only and authors should note that allowing extra computers,
especially with the option of changing those computer identities at any
time, will invite exploitation and enable sharing of your document. Between 1-3 computers can
be enabled in group settings
or 1-3 computers can be enabled in a user's settings. Neither setting
over-rides the other. For example, a group may be set to allow only one
computer, which means that all members of that group can only use one
computer with their DRM account. But any one of those users can be
assigned 1-3 computers independently.
The computer list assigned to an account has priority in that computer
ID 1 is the only assignment that can be updated from the Reader. So when
adding or updating a Computer ID from the Reader it will always be
Computer ID 1 that is used. To add second and third Computer IDs to an
account the user needs to log into their Control panel and click the
link for Account Details. If they are indeed allowed more than one
Computer ID then a link will be provided for them to update those IDs
from their web browser. How this works is quite simple... they must be
using the computer that they want to add. The instructions on that
update page are straightforward. If the first Computer ID is blank it
will be possible to add the first computer from that update page also.
If ComputerLock is applied and all Computer Ids are full but the user
wants to change one, the they need to contact their author so that one
can be deleted. Once deleted, the user will then be free to add a new
Computer Lock - Prevents Computer Change
While it is convenient to allow a user to change the computer that is
associated with a single account when needed, some authors may see this
as an opportunity where a user can exploit one. For example, while it
may be convenient to change computers from office-to-office or
office-to-home when needed, a user can also use that opportunity to lend
their user account to other persons who may not have been authorized by
the author. To prevent such exploitation, an author has the option of
applying Computer Lock. Computer Lock is applied to individual user
accounts from the user's edit page. When this is enabled, a user cannot
update a computer from the Reader once it has been set. For a user to
change a locked computer ID, the Author must be contacted for permission
so the user’s ID can then be removed. This will enable the new computer
to be accepted and recorded. The default setting is to allow computer
Access Lock - Prevents Access To The DRM
If it is desirable to prevent users from logging-in to change their
contact details, an Author can apply "Access Lock". Access Lock is
applied by editing a group’s settings and is group-wide. This means that
if Access Lock is applied to a group, then only the Author will be able
to log into the portal. Access Lock does not affect a user's rights to
access documents on the computer. The default setting is to allow access
to the Control Panel.
Name Lock - Prevents Real Name Changes
Where an author needs to identify users by name, allowing them to change
those names can therefore break familiarity. For this reason, there is
an option that can be set to prevent users from changing their first and
last names once both have been nominated. Only one letter is needed to
qualify as a name. Name Lock is applied in a Group's settings and
affects all users in that Group except the author. The default setting
is to allow first and last name changes.
This option can remove the requirement for a user to be authorized
before viewing a document. When "User Check" is disabled any user can
open the document, regardless of whether they have an account in the DRM
Portal or not.
eBook vs Document Management
There is a vast difference between user rights for eBooks and for
documents that must be understood before setting up an eBook
distribution. DRM rules for documents are simple: All members of a group
can open all documents that are associated to that group. But the rules
for eBooks are quite different because individual books can be assigned
directly to users and eBooks from different authors can be assigned to
the same user. However, they both start out the same way—as documents.
Then, that document can be changed to eBook status at any time but it
needs to be moved to a group that has no users, unless you want all
members of that group to access it. Therefore, it is highly recommended
for you to create a separate group to store all of your eBooks and not
assign any users to that group immediately. Instead, let their rights be
added as eBook users when that time comes. The document can be moved by
editing the setting from your Documents page by clicking edit and then
changing the group in the dropdown selector.
eBook Conversion For Online Sales
For detailed instruction for converting Documents to eBooks and
preparing them for online sales, please see the
When adding or editing a user or new eBook user, you have the option of
sending an email message to that user. At the bottom of the edit page,
there is a checkbox to tick and a message area. When ticked, whatever
message that you type into the box will appear as a standard message
added from a template to remind the user of their login details. To see
how this works, you can try editing your own details (author status is
From your document menu, you can select a file to send as a newsletter.
You have the option to select which users or groups to send to and which
file format to send. The best practice is to send a test email to
yourself first so that you can proofread your message and the output. If
the message is found to be acceptable, simply click backspace to select
the new recipients or group. The newsletter function is intended to send
an attachment and is governed by the document that you select to
initiate the process. However, if you want to send a newsletter without
an attachment, you will have the option of removing that part from the
page that presents a preview before sending.
Zipping Executables For Email
ZIP may or may not be available, depending on the server setup as it
requires a server side DLL. On our DRM portal, ZIP is available and when
this option is used, the recipient will receive the attached ENC
document in ZIP format. Note: Using the ZIP option is strongly
recommended as it will ensure that the recipient saves the file to disk,
before unzipping. This is better than trying to open an ENC file from
their mail client. Most mail clients who like Outlook Express only know
about a limited range of file types and .ENC is not one of them. Trying
to open one from a mail client will only result in error. Unless your
users are familiar with CopySafe PDF documents, it may be best to
eliminate the chance of error and always send them zipped.
Emails sent from within the portal will automatically be addressed to
the owner of that user's Group.
Document Delivery Options
Delivery By Email
You can deliver protected PDF (.ENC files) by email as attachments but
only if they have CopySafe PDF Reader version 3.0 installed will they be
able to open them direct from the mail client. it is possible that the
recipient may have problems opening them direct from the email
especially if the mail client especially if the user does not know what
to do with an .ENC file. If you have a lot of users still using version
2.0 Reader then it is recommended to send any attachments in ZIP format.
What is ZIP? For those of the old school who don't use WinZip, 7Zip or
Rar, the latest versions of Windows include ZIP as standard. To ZIP a
file, right click on it and select "Sent to Compressed (Zip) folder". To
UnZip a file, right click on the file and select "Extract All".
Delivery By Download
Whether sending a download link by email or listing it on a web page, it
is most recommended to point to a zipped version of the file, unless you
are using the hyperlink that is provided from within your DRM Portal.
For example, the link to a non-zipped file should look like
http://copysafe.net/drm/file.asp?tp=2&id=100001. Here, a special
web script (file.asp) is retrieving the document by ID and providing it
as a download to your web browser in chunks (especially useful for large
downloads). Without a function like this, a web server will not know
what to do with an ENC file and only deliver an error, especially
considering that your protected documents are delivered from below the
So, unless you use the hyperlink as described above, you should send all
document downloads to zipped files.
As of version 3 CopySafe PDF Reader, ENC files sent as mail attachments
can be opened directly from most mail clients (if the reader is
Delivery On Disk
Your protected documents can also be distributed on disk. USB memory
stick, CD or DVD disks are different ways to store and distribute your
documents. When circulated on disk, your documents do not need to be
zipped. For convenience, good practice includes providing a copy of the
CopySafe PDF Reader installer and instructions or an index of your
files, for example, a list of the Titles beside their file names. The
CopySafe PDF Reader is a free download to the public and you have
permission to include it in your distributions as long as the installer
remains as provided by ArtistScope.
Delivery By Newsletter
Your protected documents can also be distributed from you DRM Control
Panel by using the Newsletter option. To send a document to one of your
users or a group of users, start from your document list and click on
the envelope icon in its table row. The next page will invite selection
of the user/s or group to be recipients and whether to send the .ENC
file attached or as a download link. Unless your subscribers are
experienced, it is strongly recommended to send the .ENC as a download
link. That way they will not try to open it directly from their mail
client and get into trouble (mail clients won't know what to do with
.ENC files). As a download, they should have the sense to save it to
disk first so that the CopySafe PDF Reader will be acknowledged as the
reader for this type of document.
Saving To Disk vs. Opening From The Web Or Mail
If a user saves a document to their computer they will not have to
download it again, unlike when they open documents directly from the web
or their mail client. This is because when a document is opened directly
it is saved to a temporary folder (cache) for which there is no access
for re-use, except by downloading it all over again. The impact of this
phenomenon is that when saving to disk, they only download it once. But
when reading from online, they will download it every time they open it.
So if your document is a few MB then the persistent downloads can be
punishing to both your web service and the user's data usage.
Statistics & Reports
Statistics & Usage Counts
Authors can monitor and check the usage reports per document and user.
Those reports show each request for a document, who requested it and
when, including success or failure and even the reason for failure.
Reports also show when users have logged into the Control Panel. All
admin operations are also logged. Reports are paginated, sortable by
column and expandable. For example, clicking on a user in the recent
documents list will report all requests made by that user.
The maintenance and removal of old and unwanted records is entirely the
Author's responsibility taking note that that removing records will
affect usage and print counts. To reset the usage count of a particular
user, sort the usage by user and then tick off the records to be
removed. Otherwise, the option for selecting all records on a page will
tick all checkboxes on that page.
Return to top
The Administrator is usually the main account and the owner of the DRM
Portal. Additional to options available to Authors, Administrators have
total control over all aspects including:
General Security Policy
General security policy can be managed by settings available in the
Administrator's Control Panel and how the portal scripts are configured.
From the Control Panel, admin can add and edit new groups, users and
documents. The portal's main settings file can be edited for all sorts
of common data such as the site's folder locations, database location,
page title and many more items that are common to the portal's web
Authors may add new users and give them permission to enable them to
share author roles for management of their documents and users. However,
the Administrator also has the right to suspend an Author account. When
an author's account is suspended, all items such as the author's
documents and users are also suspended, enabling the owner of the portal
to police delinquent accounts that are naturally governed by usage fees,
etc. During installation of ArtistScope DRM, especially when installed
by the ArtistScope team, the DRM portal can be customized to suit any
page design and security policy. For example, on this site, visitors can
register for a "Demo" account which can be automatically activated by
proving one’s identity via a challenge email. Demo users can then log in
to evaluate the solution, but under limited conditions. Demo users
cannot create new groups or publish any documents, except to the demo
group and those documents and demo accounts are set to expire within 14
days. While they may still be able to log-in and use the Book Cover
Designer, they lose access to all other document functions. This is an
example of custom security policy and anything is possible by simply
editing the scripts that manage those functions.
IP Ban & Networks Allowed
Users can be banned by IP number or network and exceptions to the rule
can also be set. For example, you can ban a network but permit an
individual IP number. Likewise, you can allow a network and ban a single
IP from it. For example, to ban an ISP you can set 100.100.100 or
100.100. You can also set 100. but be warned that you will also ban any
IP numbers or networks that contain "100". In the main settings file for
the DRM site you can set to allow all networks except those listed, or
deny all networks except those listed.
Portal owners can add subscription billing by charging authors some
fees. The portal includes inbuilt options for monitoring and managing
subscriptions billed periodically (by month) or by usage (hits). In
either case, the owner should ensure that Authors pay their fees in
Billing By Period
Periodic billing enables authors to have unlimited usage by paying a
set rental fee for the month/period. Billing by period can be chargeable
monthly, quarterly or yearly, during which time the author/user has
unlimited access. At the end of the period, the account will need to be
renewed to continue access to the protected documents.
Billing By Validation Hits
Billing by "hits" measures the number of validations that an
author's users perform, a "hit" means the request that is sent to the
DRM portal every time a user opens a document. If an author is billed by
"hits", then their account will credited for the number of hits that
were paid in advance.
Return to top