All media traffic is encrypted no matter the endpoint you use (web or mobile) or the session setup you choose (P2P or multiparty). That means that you are safe when using OpenTok solution even if use it in an open public hotspot.
Is it based on a proprietary solution?
No, we don’t believe in proprietary solutions when we talk about security. OpenTok is fully based on proven standards, written by industry experts, and used for years in commercial products. The core protocols providing WebRTC OpenTok security are SRTP for media traffic encryption and DTLS-SRTP for key negotiation, which are defined by the IETF.
What are the encryption algorithms and strength of the keys being used?
OpenTok WebRTC-compatible endpoints use the AES cipher with 128-bit keys to encrypt audio and video, and HMAC-SHA1 to verify data integrity.
What keys are being used for the encryption?
The endpoints generate random keys at the beginning of the session and in addition they change periodically during the conversation to make it even safer.