As in all areas of Stackfield, we place great emphasis on high security standards for telephony and screen sharing - from the selection to the implementation of the required resources. There is no need to download additional plug-ins, software or clients.
An overview of all security measures at Stackfield can be found at: https://www.stackfield.com/security.
Basic information: WebRTC
The transmission takes place based on the WebRTC (Web Real-Time Communication) standard, whereby all data streams must be encrypted. DTLS (Datagram Transport Layer Security) is used for the connection. The audio and video communication is additionally protected by SRTP (Secure Real-Time Transport Protocol). This means that the data is transport-encrypted during transmission via the internet.
The transport encryption is applied either during the transmission from client to client (peer-to-peer) or between the client and the provider's server (= Stackfield).
Due to technical limitations of a browser, conventional communication tools only offer the indirect way via the own server for video calls.
Encryption of the telephony channels
Note: The following information applies to all rooms or chats, regardless of whether additional encryption has been activated or not. Thus, it makes no difference for the encryption of calls whether they are started via encrypted or unencrypted rooms.
On Stackfield all 1:1 calls are end-to-end encrypted. These include audio direct calls, video direct calls, and screen transmissions from one person to another via direct messages.
Group calls (audio, video, and group screen transmissions via group chats or events), on the other hand, are transport-encrypted (based on the WebRTC standard), since they run via Stackfield's server due to higher computing and bandwidth requirements. This server distributes the streams to the individual clients. Here, some additional security standards apply:
- There are no recordings or transcripts of any calls made or stored at Stackfield.
- There is no tracking* of the conference participants, i.e. there is no history of who participated in a call or who connected/disconnected and when.
- There won’t be any (hidden) analysis of metadata, users or communication.
- The transfer of data to third parties is strictly prohibited.
*Notes: To enable the telephony function, the communication partners are informed of the public or private IP address of the devices. A history of some metadata of calls such as the status (connection connection attempt, connected) as well as when and by whom the conference was started/ended will be created.