Vooler Security and Privacy Whitepaper
Overview of the Vooler Architecture
Vooler is developed on top of the following open source platforms:
- Jitsi – Video conferencing system
- JHipster – User management and application generator
Picture 1: Vooler Server Architecture
JHipster is used for agent (room owner / moderator) management and authentication. Jitsi is used to implement the video and voice chat rooms and their services. Both platforms are open source software and widely used.
Vooler runs its services on third-party hosting services. For EU customers, Vooler runs its services within the EU.
Visitors (video room participants) can be located anywhere in the world. The visitor's Internet connection carries both the video data and the communication with the Vooler server.
Web page downloads and API calls between the Vooler server and the user's browser are encrypted with the standard HTTPS (TLS) protocol in the browser.
Video data is transferred using WebRTC, the standard protocol for transferring video and other data between browsers and servers. There are two ways video data is transferred between browsers:
- Video data of a small group of users is transferred directly (peer-to-peer) from one browser to the other. This transfer uses WebRTC's built-in encryption, so the data is encrypted along the whole path from one user to the other (end-to-end encryption between the browsers).
- Video data of a bigger group of users is transferred from each user to the Vooler server and from there to the other users. Maintaining service quality requires the video to be processed on the Vooler server to meet the network and data-processing requirements. The video data is encrypted between the user's browser and the Vooler server. On the server it is decrypted and processed in memory before being sent on, encrypted again, to all other users. Because the server handles the media in plaintext in memory, this mode is encrypted hop by hop rather than end to end. The video data is processed in real time in the server's memory and is never written to disc.
Picture 2: Peer to peer and browser-server-browser video transfer
WebRTC encrypts all of its traffic. Data channels (RTCDataChannel) are carried over Datagram Transport Layer Security (DTLS). Audio and video media are carried over SRTP (Secure Real-time Transport Protocol), with the SRTP keys derived from the DTLS handshake (DTLS-SRTP), so media is encrypted and integrity-protected as well; WebRTC has no unencrypted mode.
DTLS is a standardised protocol built into every browser that supports WebRTC, and it is also used by VoIP platforms to encrypt traffic. Being built in, it needs no setup by the user before use. Like other encryption protocols it is designed to prevent eavesdropping and tampering. DTLS is modelled on the stream-oriented TLS, which provides confidentiality, peer authentication based on asymmetric cryptography, and message integrity. TLS is the de facto standard for web encryption and underlies protocols such as HTTPS. TLS is designed for the reliable transport of TCP, whereas VoIP applications (and games, etc.) typically use unreliable datagram transports such as UDP, which is why DTLS exists. One caveat: in WebRTC the DTLS certificates are self-signed and are verified against fingerprints exchanged over the signalling channel, so the strength of the media encryption also depends on the signalling channel being protected, which Vooler does with HTTPS as described above.
| Traffic | Encryption |
|---|---|
| Download of web page (UI) content | HTTPS (TLS) |
| Data traffic between the Vooler server API and the browser | HTTPS (TLS) |
| Peer-to-peer video traffic between browsers (small group of users) | WebRTC encryption (SRTP keyed by DTLS) |
| Video traffic between browser and server (bigger group of users) | WebRTC encryption (SRTP keyed by DTLS) |
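The encryption state of a live connection can be verified from the browser rather than taken on trust. The following is an added example, not Vooler's or Jitsi's code: it reads an RTCPeerConnection's statistics (the field names are those of the W3C webrtc-stats specification), confirms that the DTLS handshake completed and which cipher suites protect the media, and reports whether the selected path goes to a known Vooler server address (the browser-server-browser mode), through a TURN relay, or straight to another browser (the peer-to-peer mode). The server address set, the sample statistics and the endpoint addresses are constructed for the example.

```javascript
// Added example, not Vooler/Jitsi code. Field names follow the W3C webrtc-stats
// spec: RTCTransportStats (dtlsState, dtlsCipher, srtpCipher,
// selectedCandidatePairId), RTCIceCandidatePairStats (localCandidateId,
// remoteCandidateId) and RTCIceCandidateStats (candidateType, address, port,
// protocol).

// Pure function over the entries of an RTCStatsReport, i.e. whatever
// pc.getStats() followed by report.values() yields, so it also runs offline
// on a captured or constructed report.
// serverHosts: assumed set of IP addresses of the Vooler media server(s).
function summarizeMediaPath(statsEntries, serverHosts = new Set()) {
  const byId = new Map();
  for (const s of statsEntries) byId.set(s.id, s);

  const transports = [...byId.values()].filter((s) => s.type === 'transport');
  if (transports.length === 0) {
    throw new Error('no transport stats: ICE/DTLS has not started');
  }

  return transports.map((t) => {
    const pair = byId.get(t.selectedCandidatePairId);
    const local = pair && byId.get(pair.localCandidateId);
    const remote = pair && byId.get(pair.remoteCandidateId);

    // Media is protected only once DTLS reached "connected" and an SRTP
    // protection profile was negotiated from that handshake (DTLS-SRTP).
    const encrypted = t.dtlsState === 'connected' && Boolean(t.srtpCipher);

    let path = 'unknown';
    if (remote) {
      if (serverHosts.has(remote.address)) {
        path = 'server';          // browser-server-browser mode: server decrypts media
      } else if (remote.candidateType === 'relay' ||
                 (local && local.candidateType === 'relay')) {
        path = 'relay';           // a TURN relay forwards the encrypted packets
      } else {
        path = 'peer';            // direct peer-to-peer mode
      }
    }

    return {
      transportId: t.id,
      dtlsState: t.dtlsState,
      dtlsCipher: t.dtlsCipher,
      srtpCipher: t.srtpCipher,
      encrypted,
      path,
      remoteEndpoint: remote ? `${remote.address}:${remote.port}/${remote.protocol}` : null,
    };
  });
}

// Browser usage on a live connection (needs a real RTCPeerConnection, so it
// is not exercised offline).
async function checkPeerConnection(pc, serverHosts) {
  const report = await pc.getStats();
  return summarizeMediaPath(report.values(), serverHosts);
}

// Constructed sample report (not captured from Vooler): one transport whose
// DTLS handshake completed, talking to a remote host candidate.
const SAMPLE_REPORT = [
  { id: 'T01', type: 'transport', dtlsState: 'connected',
    dtlsCipher: 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
    srtpCipher: 'AEAD_AES_128_GCM', selectedCandidatePairId: 'CP01' },
  { id: 'CP01', type: 'candidate-pair', state: 'succeeded', nominated: true,
    localCandidateId: 'LC01', remoteCandidateId: 'RC01' },
  { id: 'LC01', type: 'local-candidate', candidateType: 'srflx',
    address: '203.0.113.10', port: 50000, protocol: 'udp' },
  { id: 'RC01', type: 'remote-candidate', candidateType: 'host',
    address: '198.51.100.7', port: 10000, protocol: 'udp' },
];

// Assumed address of the Vooler media server for the sample.
const SAMPLE_SERVER_HOSTS = new Set(['198.51.100.7']);

console.log(summarizeMediaPath(SAMPLE_REPORT, SAMPLE_SERVER_HOSTS));
```

A TURN relay only forwards the DTLS/SRTP packets and cannot read them, so of the three paths only 'server' is the one in which the Vooler server decrypts media for processing. The check confirms that the handshake completed and which ciphers are in use; it cannot detect a peer that was substituted through the signalling channel, which is why the fingerprint caveat above matters.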
Use of Third Party Analytics
Vooler uses Google Analytics for service maintenance, development and custom reporting to customers.
A dedicated service without Google Analytics can be purchased.
Users may access the service from networks (e.g. WiFi hotspots) that use firewalls to protect the local network against Internet threats. Usual firewall setups are compatible with the service requirements, which are listed on the "Vooler Hardware Guide" page.
User Login to the Service
- The video room owner (agent) logs in using an email login link: the agent enters an email address on the login page, clicks the login link received in the email and is logged in. There are no passwords to remember. Access ends when the employee no longer has access to the work email account; the security of an agent account is therefore that of the agent's mailbox.
- Other users enter the video room through a link, which can be kept secret or made public depending on how the room is used and how confidential it is. The link itself is the invitation to the room, so anyone holding it can join; the room owner decides how selectively it is shared.
Optional extra security: a video room can be password protected. The room owner sets a password for the room and shares it with the invited participants, so that the link alone is not enough to join.
By default, the Vooler service never records video or chat content. A customer may, however, want recordings. The following recording options are available:
- Dropbox recording, the standard recording method, controlled by the agent for each video meeting session: the agent starts and stops the recording by clicking the record button as needed.
- Background recording using a NextCloud service hosted in Germany. This allows all meetings to be recorded and the recordings to be kept in secure storage.
Vooler is GDPR compliant. Personal data protection in Vooler is divided into room visitor data and agent data.
Room Visitor Data
Vooler does not collect or store personal data of visitors. Display names and profile pictures that visitors enter stay in their own browsers, and visitor IP addresses are held only in server memory, never on disc (see below).
Agent and Admin Data
The agent and the customer's admin are registered Vooler users. Their personal data falls under the GDPR. The customer owns this data.
The following personal data of agents is stored in JHipster:
- Name of the agent / admin / room owner
- Email address
- Mobile phone number
- Room names
Users may enter their names or profile pictures when joining rooms. These are stored in the users' browsers and shared with the other users in the same video room.
Chat messages are kept only for the duration of the video meeting session and are destroyed afterwards.
Users' IP addresses are not stored on disc, only in the server's memory.
Vooler takes automatic backups of the service and its data. Backups are kept in the same hosting centre as the server itself, with a 30-day rotation; data deleted from the live service may therefore remain in a backup for up to 30 days.