How to sell EPUB books for programmers
February 22, 2011 1:37 PM   Subscribe

Selling EPUB e-books, adding on to a custom shopping cart app: handle like any downloadable file? DRM? If DRM is a bad idea, good layperson-accessible article explaining clearly why not? If DRM is a good idea, how is it implemented?

Assume I'm some kind of coding genius (just to skip the "it's too complex to do it yourself" answers -- I may decide it's too complex, but I'm not going to do so without understanding how it's implemented), what do I need to know to handle selling e-books?

This would be for a small, niche, independent publisher. Its clients are primarily educators and counselors. They're already using a somewhat basic, but rather customized, shopping cart web site (in Perl, FWIW) with payments handled by a separately-hosted service that basically stores credit card and purchase list information which the client retrieves and processes (which assures everything is in stock, etc.).

I'm their web developer. I don't have an e-book reader. The company that has printed their books can convert them to EPUB format easily, but that doesn't include DRM -- which makes sense, since DRM seems likely to be something that's going to be added for each purchase as it happens.

I need some basic clues. Googling turned up stuff that doesn't look like what I need: arguments about the benefits/costs of DRM; DRM info for cell phone/other devices; where to find DRM-free stuff.

I need to know:
  • How to implement DRM myself (in Perl, but any language) assuming I'm handed a bunch of EPUB files; and/or
  • Where to find an excellent, focused, short, clear article explaining how my client can decide whether they should implement DRM or not.
I already know (I think):
  • How to find basic information on the EPUB format;
  • That, for some markets, DRM makes no sense because piracy is less of a concern than obscurity. (I'm not sure whether that's true for this client's market.)
  • That just adding the purchaser's name into the text is one idea. It sounds good, but I'm not convinced it's enough).
posted by amtho to Computers & Internet (14 answers total) 2 users marked this as a favorite
How to implement DRM myself (in Perl, but any language) assuming I'm handed a bunch of EPUB files

Are you talking about rolling your own DRM from scratch? Although technically the EPUB format allows any DRM scheme, in practice pretty much everyone uses one of a few proprietary DRM systems such as the one from Adobe. This is mainly because if you come up with your own DRM scheme, any app that tries to read your EPUB file will not be able to open it. I assume you can license the existing DRM types to use but I have no idea how you would go about that or how much it would cost.

That just adding the purchaser's name into the text is one idea. It sounds good, but I'm not convinced it's enough)

This may be a way to prevent casual copying but will not cause any difficulty for actual pirates. As you said that may or may not be an issue for your client. But on the other hand, most of the big DRM scheme's like Adobe's have been cracked so that doesn't stop pirates either really.
posted by burnmp3s at 2:28 PM on February 22, 2011

Doing DRM right is hard. I know you don't want to hear this, but this is central to the issue. Make it not strong enough and you might as well not have bothered, too strong and you make your product too hard to use. It is not clear at all that there is a middle point between these two that satisfies them both.

How it is usually done: buy it. Here is one reason to buy it, beyond the obvious "it is fast and easy", the ereader that you use must know how to interpret the drm. So if you build the DRM you have to build the reader software. And get it on devices. Still with me? Now, where are the directions? Well, you are asking companies that makes stuff to keep content restricted to tell you how their code works? Patented is how. Open source drm is kind of a contradiction in terms (actually see here). Creating drm is a big project even for a big developer, as far as I can tell. The sensible thing to do is sell through something like the Amazon Kindle market.

Here is an article on why not DRM that seems ok

Maybe look in to watermarking? You might be able watermark a serial number in to the file. That would make it easier to tell where copies are coming from at least.
posted by d4nj450n at 2:32 PM on February 22, 2011

Response by poster: OK, where can I "buy it"? What would I be buying? Can I get a compiled module that would run on a Unix server? Can I access a third-party service from my Pair-served web system (i.e., not loading it in the purchaser's web browser, but handing it through a back-end process)?

Is there a list of available services?

Also, are all DRM services device-specific? Is there some kind of common, open DRM protocol? (I am aware that your answer, d4nj450n, seems to indicate that there is no open protocol).
posted by amtho at 2:40 PM on February 22, 2011

The "Adobe one" mentioned by burnmp3s is Adobe Content Server. Every DRM solution is a murky swamp littered with booby traps, but Adobe's offering is among the best. My company uses it and is quite satisfied.
posted by The Winsome Parker Lewis at 2:41 PM on February 22, 2011 [1 favorite]

Adobe's ePub DRM is easily defeated, and is probably the most common for ePub readers. You'll perhaps want to weigh the per-transaction cost of implementation against the cost of lost sales due to piracy, some percentage of which will occur with or without DRM.
posted by Blazecock Pileon at 2:47 PM on February 22, 2011

I would guess (although I have no statistics) that unless you are selling blockbuster books, the number of sales you would lose to people who don't buy DRM protected products on principle, or who are concerned that your DRM implementation would cause difficulties with their e-book reader (which keeps happening to me), might outweigh the number of sales you would lose to piracy.

Especially given how easy DRM is to break (I've done it myself to get books to run on my reader and I am no genius) - it's not going to stop real pirates who really want your books.
posted by lollusc at 2:58 PM on February 22, 2011 [1 favorite]

Also, are all DRM services device-specific? Is there some kind of common, open DRM protocol? (I am aware that your answer, d4nj450n, seems to indicate that there is no open protocol).

It's more the other way around, devices and apps support a given set of DRM schemes and file formats. Notably the Kindle does not support the EPUB format at all. Open DRM systems do not really exist, mostly because DRM tends to rely upon secret algorithms that once reverse engineered make it trivial to defeat the protection (unlike, say, normal encryption where security through obscurity is not necessary).
posted by burnmp3s at 3:03 PM on February 22, 2011

Not all books get pirated. In order to get an uncracked version you have to (a) care and (b) either know that software exists and how to get it or know about torrent sites and how to get them. Know your audience.

DRM is probably nearly useless for a book like "High Performance 3D Graphics - Linux Edition", because anyone using that book is going to be tech savvy enough to understand what DRM is and how to look for cracked editions.

If, however, your book is "A History of English Sheepherding", then you are likely dealing with a less tech-savvy audience and DRM might not be worth the cost because even if cracked copies get out there, your audience won't be looking for them.
posted by It's Never Lurgi at 3:48 PM on February 22, 2011

You have only two realistic options for selling direct: Adobe Content Server or no DRM. ACS is widely used and widely hated and completely compromised. It's also expensive. You could go through a third party aggregator to lower the cost but they may not integrate with your Perl shopping cart.

Or you could distribute through iBookstore or the Kindle store and lose 30% of the sale.
posted by nev at 5:42 PM on February 22, 2011 [1 favorite]

Response by poster: You could go through a third party aggregator to lower the cost

Such as? Anyone?
posted by amtho at 5:50 PM on February 22, 2011

Ingram and LibreDigital are some large ACS providers, but I have no idea what their terms of use are.
posted by nev at 6:06 PM on February 22, 2011

Disclaimer: I wrote this article. But for a blog that knows its stuff:

The short version is that DRM is a) going to annoy legitimate customers b) going to add cost to the book which customers will resent paying and c) not really stop anybody who is bent on pirating it anyway. So, what will you gain by it, and what will you lose?
posted by JoannaC at 8:29 PM on February 22, 2011

Check out and its reader Monocle, based off their Zhook format. Interesting!
posted by LongDrive at 9:33 PM on February 22, 2011

Such as? Anyone?

Overdrive is one such. Smashwords is another. These are two of the first three google hits for "ebook distributor".

Short answer: DRM doesn't work and isn't a good idea. If you want your book to be available on the largest number of reading platforms, but do want some measure of accountability, offer it in multiple non-DRM formats (epub, mobi, pdf) with steganographic watermarking. That's something you can do in-house, like Fictionwise does.
posted by hades at 11:56 AM on February 23, 2011

« Older RSS to Blog   |   WidgetFilter Newer »
This thread is closed to new comments.