Technical White Paper
The Matrx server is built on a scalable cloud computing infrastructure. Clients communicate with Matrx’s servers through TLS (https) or encrypted TCP/UDP tunnel.
All cloud servers are placed behind physical firewalls, equipped with IDS, anti-DDoS, and WAF applications. Hosts are assigned into different security groups and communication between cloud hosts will follow the strict network ACL. Besides, there is a vulnerability scanning procedure being constantly undertaken to monitor and block traffic seeking malicious access.
Matrx uses the most secure Advanced Encryption Standard AES-256 to protect data being transmitted through the public network.
To keep your conversations private and secure, Matrx uses end-to-end encryption for all calls, voice messages, chats, photo sharing, and file sharing between two individuals in the personal space. And provide options for enterprises to enable end-to-end encryption for calls and meetings in enterprise spaces.
The objective of end-to-end encryption is to ensure no external parties can access the data during transmission, meaning it leaves no trace on Matrx’s servers and provides the highest level of data protection.
Only the sender and receiver can decrypt messages, any third parties including the Matrx backend system cannot obtain the encryption key.
Matrx follows the Double-Ratchet Algorithm, which is widely regarded as the most secure approach to end-to-end encryption.
All meetings are secured by a meeting password, which can prevent any unexpected break-in. And an option to enable end-to-end encryption in meetings. Audio & Video streams of meetings are strongly encrypted while transmitting between clients and servers.