Table of Contents
Does EnableX store end-user data or published content?
EnableX plays no role in managing or storing end user’s data or information available on a call/chat/message. This is solely the responsibility of the Application Manager/Developer.
Back to Index
What customer data does EnableX have access to?
Refer to our Privacy Policy to learn about the customer information accessible by EnableX.
As for the end-users (users of the application developed using EnableX), EnableX does not collect any sensitive information of the end-users. EnableX only has access to the IP address and Browser user agents of the end-users.
Back to Index
What kind of security features does EnableX implement?
EnableX places great importance on the security and privacy concerns and implements the following measures to ensure the same:
- Signaling Encryption: HTTPS with PKI certificate validation
- All control plane messaging uses HTTPS
- Media Encryption: AES 256-bit encryption DTLS-SRTP for Audio, Video, and Shared Content.
- Infrastructure resides within its own private network and there is no access to the core infrastructure from the public network.
- Every request that is processed by the server needs a valid token authenticated by the system through APP_ID/APP_KEY.
| Data & Privacy Every user’s data including identity and payment information stays anonymous. | Infrastructure Security Fortified network with Private VPN accessible only via secure API gateway | Secure Protocol HTTPS authentication and secure RTP for media transportation |
| GDPR and HIPPA EnableX platform is GDPR compliant and HIPPA- ready which means that any business can trust EnableX with data privacy and confidentiality. | Encryption AES256 encryption for all voice, video, and signaling traffic | PKI Certificate Valid PKI certs for all customer-facing servers |
Video is encrypted at the sender endpoint. Each participant’s video is briefly decrypted in memory after arriving at the media server and is immediately re-encrypted before being sent out to other participants. This is required because webRTC does not allow the negotiation of a single set of DTLS keys between more than two participants.
Decrypted video is not stored on any server or storage device or transported over any network. Each participant in the EnableX video room negotiates its own DTLS/SRTP connection to the EnableX media server and all video streams are subscribed via a secure transport layer.
Back to Index