Question
What are the security features of the Vonage Video API (formerly TokBox OpenTok).
Applies To
- Video API
- Security
- Encryption
Answer
Multi-Layered Security
The Video API platform implements security at multiple levels. Vonage Video API’s security measures include restricting endpoint access to sessions, providing a role-based security model, and securing the basic voice and video traffic that moves through the Video API cloud and between endpoints.
Vonage Video API is fully based on proven, open standards, written by industry experts, and used for years in commercial products. The core protocols providing WebRTC Video API security are SRTP for media traffic encryption, and DTLS-SRTP for key negotiation, which are defined by the IETF.
Encryption
Vonage Video API WebRTC-compatible endpoints use the AES cipher with 128-bit keys to encrypt audio and video, and HMAC-SHA1 to verify data integrity.
During peer-to-peer connections (including connections relayed through cloud-based TURN servers), the Vonage Video API endpoints generate random keys at the beginning of the session and in addition they change periodically during the conversation to make it even safer. For connections leveraging the Video API’s cloud-based scaling capabilities, the Video API cloud acts as an endpoint and participates in the key generation activity. In both cases, in order to increase security, keys are ephemeral, with their validity lasting only for a short period of time. They are neither stored nor persisted anywhere.
Articles in this section
- How to get copy of Service Agreement for Video API account?
- What security features does Vonage Video API implement?
- What are the implications of encryption on my app?
- Which TLS Cipher Suites are supported with the Vonage Video API?
- Where are the Media Encryption Keys created?
- How can I get a Vonage SOC Type II Report for Video?