diff --git a/common/security_profile_list.h b/common/security_profile_list.h
index 10a4e5b..df18b46 100644
--- a/common/security_profile_list.h
+++ b/common/security_profile_list.h
@@ -18,6 +18,7 @@
 
 #include "absl/synchronization/mutex.h"
 #include "common/hash_algorithm.h"
+#include "common/output_protection_util.h"
 #include "common/status.h"
 #include "protos/public/client_identification.pb.h"
 #include "protos/public/device_security_profile_data.pb.h"
@@ -26,6 +27,7 @@
 #include "protos/public/security_profile.pb.h"
 
 namespace widevine {
+
 using ClientCapabilities = ClientIdentification::ClientCapabilities;
 
 const char kDefaultProfileOwnerName[] = "Widevine";
@@ -56,13 +58,16 @@ class SecurityProfileList {
       const std::vector<std::string>& profiles_to_check,
       const std::string& owner, const ClientIdentification& client_id,
       const ProvisionedDeviceInfo& device_info,
+      PlatformVerificationStatus device_vmp_status,
       std::vector<std::string>* qualified_profiles) const;
 
   // Populates |profiles_to_allow| with a list of profiles that meet the
   // requirements for the this device. The number of profiles is returned.
   virtual int GetQualifiedProfiles(
       const ClientIdentification& client_id,
-      const ProvisionedDeviceInfo& device_info, const std::string& owner,
+      const ProvisionedDeviceInfo& device_info,
+      const PlatformVerificationStatus device_vmp_status,
+      const std::string& owner,
       std::vector<std::string>* qualified_profiles) const;
 
   // Return true if a profile exist matching the specified parameters {|name|,
@@ -121,6 +126,8 @@ class SecurityProfileList {
   void ClearAllProfiles();
 
  private:
+  friend class SecurityProfileListTest;
+
   // Add Widevine default profiles into profile_list. The number of added
   // default profiles will be returned.
   virtual int AddDefaultProfiles();
@@ -133,7 +140,8 @@ class SecurityProfileList {
 
   bool DoesProfileQualify(const SecurityProfile& profile,
                           const ClientIdentification& client_id,
-                          const ProvisionedDeviceInfo& device_info) const;
+                          const ProvisionedDeviceInfo& device_info,
+                          PlatformVerificationStatus device_vmp_status) const;
 
   int64_t GetCurrentTimeSeconds() const;
 
@@ -149,6 +157,10 @@ class SecurityProfileList {
 
   void ClearAllDefaultProfilesLocked() ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_);
   void ClearAllCustomProfilesLocked() ABSL_EXCLUSIVE_LOCKS_REQUIRED(mutex_);
+
+  // Return true is the client is a Chrome browser.
+  virtual bool IsChromeBrowser(const std::string& device_model) const;
+
   mutable absl::Mutex mutex_;
   // Security profiles
   std::string profile_namespace_;
diff --git a/example/wv_cas_ecm_example b/example/wv_cas_ecm_example
index e5991ce..8bf6217 100644
Binary files a/example/wv_cas_ecm_example and b/example/wv_cas_ecm_example differ
diff --git a/example/wv_cas_emm_example b/example/wv_cas_emm_example
index fbe283b..01fecd0 100644
Binary files a/example/wv_cas_emm_example and b/example/wv_cas_emm_example differ
diff --git a/example/wv_cas_key_fetcher_example b/example/wv_cas_key_fetcher_example
index 2958f0e..61e3109 100644
Binary files a/example/wv_cas_key_fetcher_example and b/example/wv_cas_key_fetcher_example differ
diff --git a/example/wv_cas_types_example b/example/wv_cas_types_example
index 6a18b11..63f3170 100644
Binary files a/example/wv_cas_types_example and b/example/wv_cas_types_example differ
diff --git a/example/wv_ecmg_example b/example/wv_ecmg_example
index ccd465b..6676d1f 100644
Binary files a/example/wv_ecmg_example and b/example/wv_ecmg_example differ
diff --git a/libmedia_cas_packager_sdk.so b/libmedia_cas_packager_sdk.so
index 7927fc5..6ee50ae 100755
Binary files a/libmedia_cas_packager_sdk.so and b/libmedia_cas_packager_sdk.so differ
diff --git a/media_cas_packager_sdk/public/wv_cas_types.h b/media_cas_packager_sdk/public/wv_cas_types.h
index 08256f2..36f9e4e 100644
--- a/media_cas_packager_sdk/public/wv_cas_types.h
+++ b/media_cas_packager_sdk/public/wv_cas_types.h
@@ -30,6 +30,7 @@ enum class CryptoMode : int {
   kDvbCsa3 = 3,
   kAesOfb = 4,
   kAesScte = 5,
+  kAesEcb = 6,
 };
 
 enum class ScramblingLevel : int { kPES = 0, kTS = 1 };
diff --git a/media_cas_packager_sdk/public/wv_ecmg b/media_cas_packager_sdk/public/wv_ecmg
index e54d05e..7108018 100644
Binary files a/media_cas_packager_sdk/public/wv_ecmg and b/media_cas_packager_sdk/public/wv_ecmg differ
diff --git a/media_cas_packager_sdk/public/wv_emmg b/media_cas_packager_sdk/public/wv_emmg
index 4adb93b..2d6c284 100644
Binary files a/media_cas_packager_sdk/public/wv_emmg and b/media_cas_packager_sdk/public/wv_emmg differ
diff --git a/protos/public/media_cas.proto b/protos/public/media_cas.proto
index 9427e59..4f92f25 100644
--- a/protos/public/media_cas.proto
+++ b/protos/public/media_cas.proto
@@ -71,6 +71,7 @@ message EcmMetaData {
     DVB_CSA3 = 4;
     AES_OFB = 5;
     AES_SCTE52 = 6;
+    AES_ECB = 7;
   }
   // Required. The cipher mode used to encrypt/decrypt the content.
   optional CipherMode cipher_mode = 1;
diff --git a/protos/public/media_cas_encryption.proto b/protos/public/media_cas_encryption.proto
index 12c3b27..a7e3d4d 100644
--- a/protos/public/media_cas_encryption.proto
+++ b/protos/public/media_cas_encryption.proto
@@ -61,6 +61,7 @@ message CasEncryptionResponse {
     // Optional label used for the key.
     optional string track_type = 3;
     optional KeySlot key_slot = 4;
+    optional uint32 period_index = 5;
   }
   optional Status status = 1;
   optional string status_message = 2;