A New Paradigm in Business Communications – The WebRTC Phenomenon

Written by Alexandra Carballo Porto | November 9^th, 2021

The open standard WebRTC (real-time communication) has been gaining in popularity and triggered quite a revolution in the field of business communications. WebRTC technology enables the transfer of voice packages, video images or desktop sharing (Application Sharing) in real-time from browser to browser.

Communication via the internet is facilitated since no plugins or additional programs need to be installed. It can further be used free of charge (the original codecs Opus and VP8 do not require licenses) and the technical prerequisites are quite minimal: you need a device, a web browser that supports WebRTC technology and permission to access the webcam, microphone and loudspeaker of the end device.

The enormous potential of this technology led innovaphone to become one of the first VoIP technology manufacturers to integrate the WebRTC standard into its Unified Communications solution when it was not yet an official standard. The innovaphone PBX is standardly equipped with the necessary security and provisioning mechanisms to enable secure communication via WebRTC. This benefits both internal users within the company as well as external users establishing communication from outside with company services.

The real challenge was not to use the audio and video codecs recommended for multimedia exchange with the browser (according to the original WebRTC specifications such as OPUS or VP8). Instead, since communication via WebRTC can originate from an external and insecure network, it is necessary to ensure that a suitable and secure path is provided for this multimedia exchange between different users.

Security Protocols, Encryption Mechanisms and Codecs for WebRTC

These standard mechanisms and protocols, which enabled innovaphone to implement WebRTC solutions from the very beginning, include the DTLS-SRTP security protocol. This protocol enables point-to-point encryption, where only the end users know the key used for communication. In other words, the key that protects or encrypts the communication is not revealed in the exchange between different platforms when the communication is established during the signaling process. Rather, it is protected in the media exchange between end users.

The other essential protocol is ICE (Interactive Connectivity Establishment). It is used to find the communication destination when the other party is in another network and behind a router or NAT that provides only private or local addresses. The ICE protocol (through the mechanisms of STUN and TURN servers) is able to determine the correct route and IP protocol version to establish communication between the sender and receiver.

Even if these technologies are essential for WebRTC, it does not necessarily mean that they are always automatically included and supported by all manufacturers. If WebRTC is just integrated into the PBX via Media Relay so that end-to-end encryption is not guaranteed, security might be compromised. Since the innovaphone systems natively provide and support all relevant protocols and mechanisms for end-to-end encryption, communication via WebRTC will correctly be routed across any endpoint, regardless of private or public network.

…And from a Technical Standpoint?

Providing audio and video to the web browser is not one of the technical challenges of WebRTC. Rather, it is a matter of making sure that certain security parameters such as end-to-end encryption are met in order to ensure multimedia streaming as one component of secure business communications. Just about everybody has a browser that supports media streaming options and that connects to various devices for audio and video. Critical aspects in order to provide professional WebRTC services are the degree of encryption that is used to exchange passwords to establish communication or the underlying encryption protocol that is oftentimes invisible to users.

The advantages, tools, applications and services are manifold. Listed below are only a few select examples:

WebRTC for a simple and advanced mobility solution

Any device with internet connection plus browser enables the user to set up a digital workplace anywhere and on any device. The same tools and applications to work and communicate with are accessible just as it would be the case when working at the office. It is a perfect scenario for remote workplaces and mobile workforces, including hybrid scenarios.

Technological convenience that makes a difference

• Integration of billing systems
• Connecting different branches and company sites
• Centralized management
• One work and communication solution for all employees
• Money savings concerning telephone costs
• Real-time support via remote control
• Webinars for external participants
• Online seminar sessions and many more…

In Terms of Security, is WebRTC a Truly Secure Solution when Used on an Enterprise Level?

The data transfer takes place via SRTP (Secure Real-Time Transport Protocol) and a direct connection. Communication therefore takes place from browser to browser without the involvement of a streaming server. WebRTC establishes P2P connection via the protocols STUN and ICE and ensures secured encryption via DTLS.

Typically, user accounts or personal data are not required and this is why WebRTC is a fully secure and suitable technology in business environments. Over the past years, WebRTC has become increasingly popular to set up heterogenous and distributed scenarios. This allows external users outside the business network to communicate securely without needing to install additional software.