Articles in this section

Model Security

    At Sketchfab we take privacy and security very seriously and do our very best to protect your work.

    Here are some of the ways in which we secure your content:

    • Data served from our site is compressed via a lossy algorithm and original files are never publicly exposed.
    • Our team actively monitors and invalidates any unauthorized attempts to access 3D data, such as "rippers".
    • Our terms of service strictly forbids any attempt to reverse-engineer Sketchfab content.

    While we make it as hard as we can to prevent piracy, it's not entirely possible due to the way video cards work. We scramble the data we send to your browser, but once it is sent to your video card it's readable and can be intercepted. Unfortunately, this is true for any process that uses a video card, like games or any other WebGL/WebVR apps. That said, your original model file is never exposed unless you enable downloading. The model we serve to your card is heavily processed and compressed.

    In the end, there's always a balance between getting exposure and showing your work vs how sensitive your data is. This is true for all media platforms (like YouTube, Spotify or Netflix).

    To add an extra layer of security to your models, you can use Sketchfab PRO - this way you can make your models private (unlisted) and even password-protected.

    Avatar
    James
    • Updated
    Follow

    Related articles

    Comments

    21 comments

    Sort by Date Votes
    • Avatar
      wood_dragon

      Hi! Is it possible to have a model another place than Sketchfab computers (for example on my own computer or a company's computer)?
      Say company X wants to store a model on its own computers for security reasons. The idea is that customer Y would go on company X's website to view their model using Sketchfab viewer. Is this remotely possible?

      0
      Permalink
    • Avatar
      James

      @wood_dragon - At the moment, all models must be uploaded to Sketchfab for processing, and we don't license the viewer technology for others to host.

      0
      Permalink
    • Avatar
      elearning

      Hi, I am going to use 3D models in the classroom and assign these models to individual students. I would like students to be able to add annotations and text to "their own" models. Is their anyway to do this without giving them my credentials? Assigning a password won't give them permissions right?

      0
      Permalink
    • Avatar
      James

      @elearning - Hi, sound great. We don't have a system like that yet. The best thing to do is have them create their own accounts or create new accounts yourself for them so you can keep your own credentials safe.

      0
      Permalink
    • Avatar
      cgartefacts
      Hello, I just want to point out that after turning a model as private, with/out password on a chrome computer, after I log out and go to the model page I immediately see the product loading and working just fine. I've tested the link in IE and it properly prompts for the password. I haven't reset cache on Chrome as I'm doing some web dev at the moment but I shouldn't have to, I think. I can imagine this being a problem to someone wanting to hide a model from coworkers (think coworking spaces) or family (think surprise!) ...
      0
      Permalink
    • Avatar
      James
      @cgartefacts - Making a model Private just means that it is unlisted. Anyone who knows the URL can see the model. This is the intended behavior. If you want to keep the model hidden, you should add a password. I'm sorry that this wasn't clear. I will update this article to be more explicit.
      0
      Permalink
    • Avatar
      elearning
      @James. What about letting 25 students log in simultaneously on my credentials (and changing the password afterwards)? Can it be done?
      0
      Permalink
    • Avatar
      James
      @elearning - You could do that, but if they log out after you change the password, they won't be able to log back in. Maybe you could create a "dummy" account for this purpose?
      0
      Permalink
    • Avatar
      elearning
      Thanks James. Okay. That will work, because I want them to edit the models under my supervision during class. As long as multiple logins are allowed they can mess it up as they want. A duplicate (backup) account would not be a bad idea, but that probably won't be possible with the click of a button right? (I have over 70 models up).
      0
      Permalink
    • Avatar
      James
      Well, we could make the existing account the "supervised" account, then you can create a new personal account. Or we can move the models for you. Can you please send me an email? support@sketchfab.com - It will be easier for me to work with you that way.
      0
      Permalink
    • Avatar
      IVAR

      Prejudice a question if the public private model password when I insert it in the wordpress site, a password is required to who wants to see the site in wordpress? in more private links to the model, it is indexed by the engines? thank you very much

      0
      Permalink
    • Avatar
      James
      • Edited

      @IVAR The password is always required, and the model will not be indexed by search engines.

      0
      Permalink
    • Avatar
      brvr

      James,

      If I want to make a model available for a certain site e.g (my site) , and someone else embed it to their site, is possible to give direct access to my site but still have the password if somene tries to copy the url?

       

      0
      Permalink
    • Avatar
      James

      @brvr - Not at the moment. If you add a password, the password will be required everywhere.

      0
      Permalink
    • Avatar
      brvr

      Thank you!

      0
      Permalink
    • Avatar
      steplont

      Someone steal models from sketchfab.
      Look at this:
      https://p3dm.ru/tutorials/ripper/9313-ninja-ripper-and-web-ripping-rus.html

      0
      Permalink
    • Avatar
      steplont

      English version:

      http://cgig.ru/en/2017/01/ninja-ripper-and-web-ripping-en/

      0
      Permalink
    • Avatar
      James

      @steplont - Your original files are never exposed unless you enable download. Our viewer serves a compressed version of the mesh. However, once the 3D data reaches your GPU, it is available locally. This is required for our viewer to work. This is really no different than any other media published on the Internet; it's trivial to rip images, audio, and video from most sources. In fact, ripping 3D is harder.

      That said, we are working on some features to make such techniques harder. In theory, it's possible to make automatic ripping VERY difficult. However, this would hurt performance and stability of the product. You can follow some more discussion here:

      https://forum.sketchfab.com/t/lets-talk-about-security/15789

      0
      Permalink
    • Avatar
      jqw207

      Is it possible to "livetrack" unauthorized access to certain outputs of WebGL/the viewer and immediately cut access once it's been detected?

      0
      Permalink
    • Avatar
      James

      @jqw207 We occasionally ban IP addresses of of abusive or spamming users, which blocks their access to the site completely. We also monitor ripping tools that work at the level of the browser / viewer change our code to break them when they are detected.

      0
      Permalink
    • Avatar
      melvinshearer8

      how to make a modle

      0
      Permalink

    Please sign in to leave a comment.