Skip to content

Privacy &

To ensure your video meetings are both secure and private, it's important to choose an API with the right features and measures for protecting your data.


Using end-to-end (E2E) encryption is an essential measure for any business that handles sensitive data, as it provides a secure connection between two parties involved in the conversation and ensures that only they can access the data. 

While there are 2 people, Eyeson API delivers the video to each other E2E encrypted. It uses the SFU mode of the Eyeson API.


100% Encrypted – at rest & in transit

When more people get added, the Eyeson API switches to MCU mode and delivers security in a different way. Everyone gets connected to the MCU and the MCU mixes the streams into one stream which gets delivered. We use AES-256 to encrypt streams in transit and at rest. Furthermore, the streams are protected by DTLS while in transit. 

Just in time - temporary meeting server The lifetime of the meeting servers is restricted to the time span of the meeting. When there is no meeting, there is no server. You cannot reopen a meeting server as it is created on demand.
Just enough access Since the server is only alive for the time of the meeting the attack surface for security breaches is getting smaller. Communication data or other data on the meeting server is not stored elsewhere. If a recording is triggered the recording will be handed over to the provided webhook but cannot be altered by a participant.

This principle of just enough access is also true for all streams coming to the MCU. Data shown in a video call is never submitted and stays in your system. What is transmitted is an image of the data. This is very important for enterprises with tiered access to private or sensitive data.
User verification by trusted channel Since our API is just creating the meetings the invites are encrypted links that can then be sent to the participants via a trusted channel. This can be either a message or an email that is held by a trusted partner.

In most installations, there is a login with additional security features before the meeting can be started. These range from hardware devices to 2-factor authorization.
Threat landscape is kept small Since there is only a limited number of connections outbound and inbound and there is no required software other than a web browser the threat landscape is kept small. No additional ports need to be opened in the firewall and no configuration overhead for the IT department.

Eyeson standard security & privacy features

  • Cloud-based infrastructure – which is easily scalable. There is no need for downloads or installations for participants.
  • Deploy where you want. Stay legally compliant and deploy on any cloud provider. If you prefer you can even deploy on-premise.
  • It works on every device and platform. Due to the architecture, it also works on devices with limited bandwidth.
  • 100% encrypted in transit and at rest. We use DTLS and AES-256 encryption to prevent 3rd parties hacking.
  • Limit access and secure video meetings by encrypted links and the possibility to lock meetings.
  • Everything is temporary. With our temporary servers, there is only temporary data. If you do not record and store the recording, everything will be available only for the lifetime of the video meeting.
  • 100% Privacy by design. We are compliant with GDPR, CCPA/CPRA, HIPAA and most probably also to similar privacy laws.

Grab your free API key & try it out

No credit card needed. 1000 minutes for free.

Talk to our experts

Description. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et