Talk to the team
Talk to the team
Talk to the team
WebRTC Company News
Security

Digital Samba Introduces End-to-End Encryption (E2EE) for Private and Group Video Calls

by Digital Samba
6 min read
August 23, 2023

Security and privacy are the number one priority at Digital Samba. We're thrilled to announce the release of our 'End-to-End Encryption' (E2EE) feature. 

With this update, we make end-to-end encryption for group calls available to our customers. Traditional methods require decryption of streams on the provider’s server before relaying them to other conferencing participants.
 
E2EE eliminates this potential weak point by ensuring the data is only decrypted by the intended recipient and provides a more secure path for all your embedded audio, video, screen sharing, and messaging data. 
This means that the data is only accessible to the intended recipients and cannot be read or modified by unauthorised users.
 
EU_badges_1
Contact the Digital Samba team today

Integrate E2E-encrypted video calls into your website our app

Contact the Digital Samba team today

E2EE for Large Group Calls

Unlike many providers who limit end-to-end encryption (E2EE) to 1-1 sessions, Digital Samba stands out by offering E2EE for group calls, currently supporting up to 100 participants. We're not stopping there; plans are underway to extend E2EE to even larger calls in the near future.

Whether you're hosting a private one-on-one discussion or a sizeable team meeting, with Digital Samba, you can be assured that your communications are encrypted and protected at all times.

DTLS and E2EE

In the realm of real-time communication, WebRTC employs DTLS-RTP as its foundational transport encryption mechanism, serving as a robust protective layer for transmitted data. In straightforward peer-to-peer configurations, this encryption inherently safeguards data between participants.
 
However, when scaling to accommodate larger conferences, the architecture transitions to the Selective Forwarding Unit (SFU). Within this structure, data traverses a central server prior to distribution to attendees. 
 
To counteract this vulnerability, Digital Samba integrates E2EE, introducing an advanced encryption stratum. E2EE ensures impenetrable confidentiality, rendering the data inaccessible, even to intermediary servers.
 
E2EE guarantees that streams are encrypted to the extent that even we, as the service provider, cannot access the raw data.
 

Even Digital Samba cannot access the raw data

E2EE ensures impenetrable confidentiality, rendering the data inaccessible, even to intermediary servers. The streams are encrypted to the extent that even we, as the service provider, cannot access the raw data.

 
 

Key Features of End-to-end Encryption in Digital Samba

By offering E2EE with a developer-first approach, Digital Samba ensures that both the user experience and the backend processes are secure, making it a top choice for developers who prioritise security in video conferencing tools. 

Video and audio stream encryption

Utilising advanced cryptographic algorithms, E2EE ensures that every frame of your video and every sample of your audio streams is encrypted. Developers can be assured that the integrity and confidentiality of their media streams are maintained, irrespective of the network conditions or the devices used.
Video and audio stream encryption

Secure screen sharing

E2EE ensures that all shared content is encrypted at the same robust level as primary video feeds. This guarantees that any sensitive data or proprietary information displayed during screen sharing is safeguarded against unauthorised access or potential breaches.
Secure screen sharing

Encrypted chat messages

E2EE encrypts all text messages sent, ensuring complete privacy in written communications.
Encrypted chat messages

API integration

For developers looking to integrate Digital Samba into their platforms, our API documentation provides detailed guidelines on how E2EE can be implemented and customised according to specific application needs.
API integration

Encrypted user names

Every user name entered is protected by end-to-end encryption (E2EE), guaranteeing the utmost security for your personal data and that of your end users. Not even Digital Samba has the ability to identify these user names.

Encrypted user names
 

Enhanced Security with an Additional Layer of Protection

To enhance your security measures, we have implemented an additional security code feature. When users click on the E2EE green badge icon inside the room, they will be presented with an 80-digit security code.

E2EE v3-1

This code is a cryptographic SHA-256 hash of the public keys of all users within the room. To ensure there are no eavesdroppers or malicious man-in-the-middle attackers, users can compare each other's security code values through voice communication or by copying and pasting the code out of band, such as through a chat message in another application.

E2EE v3 (1)

This added layer of security further reinforces our commitment to providing a safe and protected video conferencing environment.

 

How to enable E2EE in Digital Samba using the Dashboard

With E2EE, you can have peace of mind knowing that your communications are protected from potential eavesdroppers. Of course, you need to turn on E2EE for your room if you are planning to use it. To set up End-to-End Encryption (E2EE) for all rooms by default:
  1. Visit and log in to the Digital Samba dashboard.
  2. Navigate to "Rooms" and then select "Default Room Settings" or click here.
  3. Under the "General" tab, locate the "End-to-end encryption" option and switch it on.
  4. Confirm and save your changes. This will activate E2EE for all rooms associated with your account.


For room-specific E2EE adjustments:

  1. Go to "Room" settings and select "Edit" for the desired room.
  2. In the "General" tab, find the "End-to-end encryption" setting.
  3. Toggle the setting as needed.
  4. Click "Update the room" to save your preferences.

Enabling E2EE in Digital Samba via API

To activate End-to-End Encryption (E2EE) using Digital Samba's API, you'll need to utilise the e2ee_enabled property when creating or updating a room. Here's a step-by-step guide:

  1. API Endpoint: To create or edit a room, make a POST request to the following endpoint: https://api.digitalsamba.com/v1/rooms

  2. Request Payload: In your request body, include the necessary room properties. To enable E2EE, set the e2ee_enabled property to true. For example:
{
  "name": "Your Room Name",
  "description": "Room Description",
  "e2ee_enabled": true,
  ... // other room properties
}

3. Send the Request: Using your preferred API client or tool, send the POST request with the payload.

4. Check the Response: Upon successful room creation or update, you should receive a response confirming the room details, including the status of the e2ee_enabled property.

For more detailed information and other available properties, refer to the official Digital Samba documentation. Remember to always use secure methods when making API requests and handle responses appropriately.

Note on Availability

While E2EE offers robust protection for live communications, it's important to note that with E2EE enabled, features like recording or transcriptions are unavailable. This is because E2EE ensures that streams are encrypted to the extent that even we, as the service provider, cannot access the raw data.

As a result, any functionality requiring the reading of raw data, such as transcriptions, is inherently incompatible with an E2EE-encrypted stream.

E2EE is now available to all users who have it contracted as part of their plan. To fully harness the power of E2EE for one-on-one or group video conferences on your website or app, get in touch with our team today.

Digital Samba's Commitment to Privacy

“We’ve designed our service to be data-agnostic: nothing is tracked. We’re proud to say we meet all GDPR requirements and make them available in a beautiful UI.”
01_robert
Robert Strobl,

CEO and Founder of Digital Samba.

Digital Samba stands firm in its commitment to user privacy. We don't gather or share customers’ or users’ data. Proudly European, Digital Samba is fully aligned with GDPR standards. Prioritising privacy, Digital Samba has structured its platform to be data-agnostic. Try it here, no signup required. 

In Conclusion

Digital Samba, a pioneer in the video conferencing API industry, remains dedicated to ensuring the safety and security of its users. With the introduction of End-to-End Encryption, we're taking a significant step forward in ensuring that your video conferencing experience is not only seamless but also secure. 

For more updates and features, stay tuned to our blog. Your security is our priority!

To learn more about Digital Samba's commitment to privacy, download our security white paper.

Dont risk your data security with - download our security white paper digital samba-2

The Digital Samba Security White Paper

Download now

The Digital Samba Security White Paper
Previous story
← Top 15 Features of LMS Software
Next story
How to Configure Your Room Default in Digital Samba Using the Dashboard →
The Future of Privacy: Exploring End-to-End Encryption (E2EE) in WebRTC
The Future of Privacy: Exploring End-to-End Encryption (E2EE) in WebRTC
Security

The Future of Privacy: Exploring End-to-End Encryption (E2EE) in WebRTC

April 11, 2023 9 min read
Digital Samba 2022 Year in Review
Company News

Digital Samba 2022 Year in Review

December 20, 2022 5 min read
WebRTC Security: Best Practices and Considerations
Understanding WebRTC Security: Best Practices and Considerations
WebRTC

WebRTC Security: Best Practices and Considerations

June 20, 2023 8 min read

Get Email Notifications