Digital Samba Introduces End-to-End Encryption (E2EE) for Private and Group Video Calls

6 min read
August 23, 2023

Security and privacy are the number one priority at Digital Samba. We're thrilled to announce the release of our 'End-to-End Encryption' (E2EE) feature. 

With this update, we make end-to-end encryption for group calls available to our customers. Traditional methods require decryption of streams on the provider’s server before relaying them to other conferencing participants.
E2EE eliminates this potential weak point by ensuring the data is only decrypted by the intended recipient and provides a more secure path for all your embedded audio, video, screen sharing, and messaging data. 
This means that the data is only accessible to the intended recipients and cannot be read or modified by unauthorised users.

E2EE for Large Group Calls

Unlike many providers who limit end-to-end encryption (E2EE) to 1-1 sessions, Digital Samba stands out by offering E2EE for group calls, currently supporting up to 100 participants. We're not stopping there; plans are underway to extend E2EE to even larger calls in the near future.

Whether you're hosting a private one-on-one discussion or a sizeable team meeting, with Digital Samba, you can be assured that your communications are encrypted and protected at all times.


In the realm of real-time communication, WebRTC employs DTLS-RTP as its foundational transport encryption mechanism, serving as a robust protective layer for transmitted data. In straightforward peer-to-peer configurations, this encryption inherently safeguards data between participants.
However, when scaling to accommodate larger conferences, the architecture transitions to the Selective Forwarding Unit (SFU). Within this structure, data traverses a central server prior to distribution to attendees. 
To counteract this vulnerability, Digital Samba integrates E2EE, introducing an advanced encryption stratum. E2EE ensures impenetrable confidentiality, rendering the data inaccessible, even to intermediary servers.
E2EE guarantees that streams are encrypted to the extent that even we, as the service provider, cannot access the raw data.

Even Digital Samba cannot access the raw data

E2EE ensures impenetrable confidentiality, rendering the data inaccessible, even to intermediary servers. The streams are encrypted to the extent that even we, as the service provider, cannot access the raw data.


Key Features of End-to-end Encryption in Digital Samba

By offering E2EE with a developer-first approach, Digital Samba ensures that both the user experience and the backend processes are secure, making it a top choice for developers who prioritise security in video conferencing tools. 


Enhanced Security with an Additional Layer of Protection

To enhance your security measures, we have implemented an additional security code feature. When users click on the E2EE green badge icon inside the room, they will be presented with an 80-digit security code.

E2EE v3-1

This code is a cryptographic SHA-256 hash of the public keys of all users within the room. To ensure there are no eavesdroppers or malicious man-in-the-middle attackers, users can compare each other's security code values through voice communication or by copying and pasting the code out of band, such as through a chat message in another application.

E2EE v3 (1)

This added layer of security further reinforces our commitment to providing a safe and protected video conferencing environment.


How to enable E2EE in Digital Samba using the Dashboard

With E2EE, you can have peace of mind knowing that your communications are protected from potential eavesdroppers. Of course, you need to turn on E2EE for your room if you are planning to use it. To set up End-to-End Encryption (E2EE) for all rooms by default:
  1. Visit and log in to the Digital Samba dashboard.
  2. Navigate to "Rooms" and then select "Default Room Settings" or click here.
  3. Under the "General" tab, locate the "End-to-end encryption" option and switch it on.
  4. Confirm and save your changes. This will activate E2EE for all rooms associated with your account.

For room-specific E2EE adjustments:

  1. Go to "Room" settings and select "Edit" for the desired room.
  2. In the "General" tab, find the "End-to-end encryption" setting.
  3. Toggle the setting as needed.
  4. Click "Update the room" to save your preferences.

Enabling E2EE in Digital Samba via API

To activate End-to-End Encryption (E2EE) using Digital Samba's API, you'll need to utilise the e2ee_enabled property when creating or updating a room. Here's a step-by-step guide:

  1. API Endpoint: To create or edit a room, make a POST request to the following endpoint:

  2. Request Payload: In your request body, include the necessary room properties. To enable E2EE, set the e2ee_enabled property to true. For example:
  "name": "Your Room Name",
  "description": "Room Description",
  "e2ee_enabled": true,
  ... // other room properties

3. Send the Request: Using your preferred API client or tool, send the POST request with the payload.

4. Check the Response: Upon successful room creation or update, you should receive a response confirming the room details, including the status of the e2ee_enabled property.

For more detailed information and other available properties, refer to the official Digital Samba documentation. Remember to always use secure methods when making API requests and handle responses appropriately.

Note on Availability

While E2EE offers robust protection for live communications, it's important to note that with E2EE enabled, features like recording or transcriptions are unavailable. This is because E2EE ensures that streams are encrypted to the extent that even we, as the service provider, cannot access the raw data.

As a result, any functionality requiring the reading of raw data, such as transcriptions, is inherently incompatible with an E2EE-encrypted stream.

E2EE is now available to all users who have it contracted as part of their plan. To fully harness the power of E2EE for one-on-one or group video conferences on your website or app, get in touch with our team today.

Digital Samba's Commitment to Privacy

“We’ve designed our service to be data-agnostic: nothing is tracked. We’re proud to say we meet all GDPR requirements and make them available in a beautiful UI.”
Robert Strobl,

CEO and Founder of Digital Samba.

Digital Samba stands firm in its commitment to user privacy. We don't gather or share customers’ or users’ data. Proudly European, Digital Samba is fully aligned with GDPR standards. Prioritising privacy, Digital Samba has structured its platform to be data-agnostic. Try it here, no signup required. 

In Conclusion

Digital Samba, a pioneer in the video conferencing API industry, remains dedicated to ensuring the safety and security of its users. With the introduction of End-to-End Encryption, we're taking a significant step forward in ensuring that your video conferencing experience is not only seamless but also secure. 

For more updates and features, stay tuned to our blog. Your security is our priority!

To learn more about Digital Samba's commitment to privacy, download our security white paper.

Get Email Notifications