Which servers does FLOOR work on? Is my data encrypted?
We use AWS cloud server for storage. We highly prioritize privacy and security of data by encrypting the session's content, video, audio, and screen sharing via AWS. Also, we have Cert-in certification to show data security compliance.
FLOOR uses HTTPS and WSS (SSL/TLS) protocols for all client-server audio-video communications
Protocol: TLS 1.2 and above
Key Exchange using ECDHE_RSA with P-256
Cipher: AES_128_GCM
FLOOR does not store user passwords in plain text.
FLOOR uses the WebRTC standard for audio/video communication
All data transmitted via WebRTC are mandatorily encrypted in transit using standard AES (Advanced Encryption Standard) encryption which is the default cipher via SRTP (Secure Real-Time Transport Protocol), which is the security extension for network protocol designed for multimedia telephony along with DTLS (Datagram Transport Layer Security), which provides a secure communication protocol to prevent eavesdropping, modification, replaying and other such security attacks on datagrams.
In addition to the above, Media streams will be encrypted using aes-128-xts mode. (aes-256-xts, aes-128-ecb can also be supported based on configuration)
All data is encrypted at rest with AES 256 standard. Encryption keys are managed using FIPS 140-2 compliant Hardware Security Modules.
We currently do the following data encryption:
RS256
SHA256
MD5
mcrptt_decrpt
TECH STACK
Framework - Symfony
Streaming - WebRTC
Hosting - AWS + AZURE
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article