How YouTube Stores Downloaded Videos for Offline Playback: A Deep Dive
How YouTube Stores Downloaded Videos for Offline Playback
When you tap the Download button on a YouTube video, it feels instant and magical. But under the hood, there's a sophisticated system involving DRM encryption, adaptive bitrate selection, sandboxed file storage, and license management working in concert. Let's break it all down.
The Big Picture: What "Offline" Really Means
YouTube's offline feature is not the same as downloading an MP4 file to your camera roll. The downloaded content is:
- DRM-encrypted (you can't extract or play it outside the YouTube app)
- License-bound (expires after ~30 days or if you go offline too long)
- Stored in a sandboxed app directory (invisible to the file manager)
- Adaptive (quality is chosen based on your storage and network at download time)
This is by design — content creators and studios require it.
System Design Overview
Step 1: Format Selection — DASH and itag
YouTube uses MPEG-DASH (Dynamic Adaptive Streaming over HTTP) to serve video. Every video on YouTube is pre-encoded into dozens of combinations of resolution, codec, and bitrate — each identified by an internal itag value.
For offline downloads, the app fetches a manifest file (MPD — Media Presentation Description) that lists all available streams. Based on your selected quality (or "auto"), it picks separate video and audio streams and downloads them independently.
Key insight: YouTube separates video and audio into distinct streams for bandwidth efficiency. They are only muxed together during playback, not stored merged on disk.
Step 2: DRM Encryption — Widevine at the Core
YouTube uses Google Widevine, the most widely deployed DRM system on Android and smart TVs. On iOS, it uses FairPlay (Apple's DRM). Both follow the same conceptual flow:
The content encryption key is never stored in plain text. It lives inside the device's Trusted Execution Environment (TEE) — a hardware-isolated secure zone on the chip (e.g., ARM TrustZone). The app itself can't read this key; only the Widevine CDM (Content Decryption Module) can use it during playback.
License Expiry
The license has a Time-to-Live (TTL):
- Typically 30 days from download
- Requires going online at least once every ~30 days to renew
- If you uninstall YouTube or clear app data, the license (and thus the video) is gone forever even if the file bytes remain
Step 3: Where Are the Files Actually Stored?
On Android
Files are stored in the app's private internal storage or app-specific external storage, depending on the user's preference:
The .exo extension comes from ExoPlayer — Google's open-source Android media player used by YouTube. These files use ExoPlayer's DownloadManager cache format. They are:
- AES-128 or AES-CBC encrypted
- Unplayable outside the YouTube app
- Not visible in the Files app or any file manager (due to Android sandboxing)
On devices with an SD card, files can optionally be stored at:
Still sandboxed — only the YouTube app can access it.
On iOS
iOS uses the AVAssetDownloadTask API, which stores HLS (HTTP Live Streaming) encrypted segments inside the app container:
The .movpkg package contains encrypted MPEG-TS segments and a FairPlay-protected key blob. Again, invisible to the user and locked to the app.
Step 4: Chunked Downloading — How the Transfer Actually Works
YouTube doesn't download the entire video in one HTTP request. It uses range requests to fetch the file in chunks:
GET /videoplayback?id=xxxxx&itag=137&...
Range: bytes=0-524287
HTTP/1.1 206 Partial Content
Content-Range: bytes 0-524287/48123456
Content-Length: 524288
This enables:
- Pause and resume — the app tracks the byte offset and resumes from the last downloaded chunk
- Background downloading — chunks continue downloading even when the app is backgrounded
- Parallel chunk fetching — multiple range requests can run concurrently for speed
The app maintains a local download index (SQLite database) tracking:
- Which chunks have been successfully downloaded
- Retry count for failed chunks
- Total expected vs. downloaded bytes
Step 5: Playback — Decrypting On-the-Fly
When you play an offline video, here's what happens:
The decrypted frames are never written to disk — they exist only in memory buffers during playback. This is what prevents screen-recording tools from capturing protected content at the OS level (though screen recording still works at the display compositor level on most devices).
Storage Size Considerations
YouTube chooses video quality at download time based on:
A 10-minute video at 720p ≈ ~200 MB total (video + audio streams combined).
Why You Can't Just Copy the Files
A common question: "If I find the .exo files, can I copy them to my PC and play them?"
No. Even if you root your Android device and extract the raw bytes:
- The file is AES encrypted — without the content key, you get garbage data
- The content key is locked in the TEE — it never leaves the device's secure hardware
- The license blob is device-bound — tied to the device's hardware attestation ID
- ExoPlayer's cache format is non-standard and not directly playable by VLC, ffmpeg, etc.
This is Widevine L1 security (hardware-backed). Lower-end devices without a TEE fall back to L3 (software-only), which is why some screen-capture exploits work on cheap Android devices — but even then, you'd get a time-limited, device-locked file.
The Full System Design Diagram
Key Takeaways
The next time you tap that download icon, you're not downloading a file — you're acquiring a temporary, encrypted, device-locked license to a securely stored media artifact. Quite a bit more interesting than saving an MP4, isn't it?