Airmeet application runs on AWS cloud
Data of all users currently resides in India
Airmeet uses HTTPS and WSS (SSL/TLS) protocols for all client-server communications
Protocol: TLS 1.2 and above
Key Exchange using ECDHE_RSA with P-256
User passwords are never stored in plain text
Audio/Video communication happens over WSS (SSL/TLS)
Airmeet uses the WebRTC standard for audio/video communication
All data transmitted via WebRTC are mandatorily encrypted in transit using standard AES (Advanced Encryption Standard) encryption which is the default cipher via SRTP (Secure Real-Time Transport Protocol), which is the security extension for network protocol designed for multimedia telephony along with DTLS (Datagram Transport Layer Security), which provides a secure communication protocol to prevent eavesdropping, modification, replaying and other such security attacks on datagrams.
In addition to the above, Media streams will be encrypted using aes-128-xts mode. [aes-256-xts, aes-128-ecb can also be supported based on configuration]
- All data is encrypted at rest with AES 256 standard. Encryption keys are managed using FIPS 140-2 compliant Hardware Security Modules.