Binding of cryptographic content using unique device characteristics with server heuristics

What is claimed is: 1. A method of binding cryptographic data to a device, the device comprising a device processor, a volatile device memory, and a non-volatile device memory, the method comprising: (i) receiving cryptographic data from a registration server using the device processor; (ii) securing the cryptographic data on the device, wherein securing the cryptographic data on the device comprises: collecting a combination of device characteristics that uniquely identify the device using information stored on the device and accessible to the device using the device processor; generating device match data based upon the collected combination of device characteristics using the device processor; registering the device with the registration server by sending the generated device match data to the registration server in order for the registration server to associate the device match data with the user account; hashing the generated device match data and storing the hashed value in non-volatile memory using the device processor; generating a device protection key using the device processor and the device match data and storing the generated device protection key in the volatile device memory; encrypting the cryptographic data using the device processor and the generated device protection key, wherein the encrypted cryptographic data comprises at least an identifier of a user account and a user key; and storing the encrypted cryptographic data in the non-volatile device memory using the device processor; (iii) upon receiving an attempt to access a protected function, verifying device match data on the device, wherein verifying device match data on the device comprises: re-collecting the combination of device characteristics that uniquely identify the device using information stored on the device and accessible to the device using the device processor; generating additional device match data based upon the re-collected combination of device characteristics using the device processor; hashing the additional device match data to generate verification hash value using the device processor; comparing the verification hash value to the stored hash value in the non-volatile memory using the device processor; when the comparison indicates a match, allowing access to the protected function using the device processor; and when the comparison indicates a mismatch, resetting the non-volatile memory on the device using the device processor, thereby deleting encrypted cryptographic data stored in the non-volatile memory on the device; and (iv) playing back a portion of a piece of encrypted content on the device, wherein playing back the portion of protected content comprises: receiving, using the device processor, a piece of encrypted content, wherein the piece of encrypted content is encrypted with a set of frame keys; receiving, using the device processor, an encrypted copy of the set of frame keys, wherein the encrypted copy of the set of frame keys is encrypted with a content key; receiving, using the device processor, an encrypted copy of the content key, wherein the encrypted copy of the content key has been encrypted using the user key of the cryptographic data; recovering the device protection key using the device processor and the additional device match data; decrypting the encrypted cryptographic data that is stored in the non-volatile device memory using the device processor and the recovered device protection key; decrypting, using the device processor, the encrypted copy of the content key using the user key; decrypting, using the device processor, the encrypted copy of the set of frame keys using the decrypted copy of the content key; the piece of encrypted content using the device processor and the decrypted copy of the set of frame keys; and playing back the portion of the piece of decrypted content using the device processor. 2. The method of claim 1 , wherein the combination of device characteristics is different for different categories of devices. 3. The method of claim 1 , wherein generating device match data based upon the collected combination of device characteristics using the device processor comprises generating device match data using at least one cryptographic hash function to produce device match data having a predetermined length. 4. The method of claim 1 , wherein the cryptographic data is associated with the user account. 5. The method of claim 1 , wherein registering the device with a registration server further comprises the device sending product provisioning characteristics to the registration server. 6. The method of claim 1 , wherein the registration server generates the device protection key using the device match data, and encrypts the cryptographic data using the device protection key. 7. The method of claim 1 , wherein the cryptographic data further comprises at least one SSL certificate. 8. The method of claim 1 , wherein encrypting the cryptographic data using the device protection key further comprises encrypting the cryptographic data using a provisioned encryption key and encrypting the provisioned encryption key using the device protection key. 9. The method of claim 1 , wherein securing cryptographic data on the device is performed prior to playing back the portion of a piece of encrypted content. 10. The method of claim 9 , wherein recovering the device protection key using the device processor further comprises: collecting the combination of device characteristics that uniquely identify the device using information stored on the device and accessible to the device using the device processor; generating device match data based upon the collected combination of device characteristics using the device processor; and generating a device protection key using the device processor and the device match data. 11. The method of claim 1 , further comprising validating the identity of the device. 12. The method of claim 11 , wherein validating the identity of the device comprises: collecting the combination of device characteristics that uniquely identify the device using information stored on the device and accessible to the device using the device processor; generating device match data by applying a cryptographic hash function to the collected combination of device characteristics using the device processor; and comparing the generated device match data to stored device match data associated with the device. 13. The method of claim 12 , wherein comparing the generated device match data to stored device match data associated with the device further comprises generating a token using the generated device match data and comparing the token to a stored token. 14. The method of claim 12 , wherein a server compares the generated device match data to stored device match associated with the device. 15. The method of claim 12 , wherein the device processor compares the generated device match data to stored device match data. 16. A device, comprising: a processor; a volatile device memory a non-volatile device memory storing a client application; wherein the client application directs the processor to: (i) receive cryptographic data from a registration server using the device processor; (ii) secure the cryptographic data in the non-volatile device memory, wherein to secure the cryptographic data in the non-volatile device memory the application directs the processor to: collect a combination of device characteristics that uniquely identify a device using information stored on the device and accessible to the processor; generat