Security & Encryption
Security is not a feature — it's a protocol requirement. Every layer of CallJots is built on carrier-grade encryption standards.
🔒 End-to-End Encrypted Calls
Every media stream is encrypted via SRTP + DTLS-SRTP (RFC 3711 / RFC 5763). Key exchange uses ephemeral ECDH, ensuring forward secrecy — a compromise today cannot decrypt yesterday's calls. Your conversations stay yours, always.
🔒 AES-256 at Rest
Call notes, transcripts, and all user data are encrypted at rest using AES-256. Keys are managed per-user with zero-knowledge architecture — we cannot read your notes even if we wanted to.
🔒 TLS 1.3 Everywhere
All API traffic, web interfaces, and inter-service communication travels over TLS 1.3. No exceptions. No fallback to weaker ciphers.
🔒 Zero-Knowledge Architecture
Built on the same principles as the Matrix protocol. Encryption keys never leave your device. We cannot access your calls, your notes, or your data. No one else has the keys but you.
🔒 Carrier-Grade Infrastructure
16+ years of telecom security experience. STUN/TURN/ICE NAT traversal. SIP over TLS. RTP with SRTP. Every protocol hardened against the same attack vectors that carrier networks face daily.