Knowledge Center
What is RegFree Dialing™?
RegFree Dialing™ is Cloudonix’s security and privacy enhanced version of SIP for mobile and web applications
Knowledge Center
What is RegFree Dialing™?
RegFree Dialing™ is Cloudonix’s security and privacy enhanced version of SIP for mobile and web applications

Enhanced Security

Security and Privacy by Design

Traditional SIP is not a particularly secure protocol. It is known to be vulnerable to man-in-the-middle and session replay attacks, in addition to being highly vulnerable to password brute-forcing. RegFree™ Dialing employs a unique methodology that is more akin to modern OpenID security and authorization concepts, ensuring greater privacy and security.
  • To make a call, ephemeral tokens are used, which can only be used once.
  • Tokens are created by the customer, ensuring that no one, not even Cloudonix staff, has access to them.
  • Tokens can only be used once, using an old token to attempt a session replay attack will fail.
  • Tokens are used in both outbound and inbound call flow scenarios.
a group of people working on a transcoding network

What is RegFree Dialing™ Good For Exactly?

The RegFree Dialing™ protocol for Cloudonix allows mobile user agents to make and receive calls without maintaining a costly (in power and data) SIP registration and ensuring a higher level of security and privacy at the same time.

RegFree Dialing™ on a server side push-notification, to notify the mobile application of inbound calls. This methodology enables the mobile application to remain “dormant” – while ensuring the communications are always available, without consuming costly power and data resources. RegFree Dialing™ is especially useful when mobile users are expected to operate using mobile networks and without proper Wi-Fi connectivity (eg. Airalo users, etc).

The RegFree Dialing™ Workflow

Depending on the voice call direction (inbound or outbound), an ephemeral token is created – representing that voice call. The token is created by a the customers server and is notified to Cloudonix via the Cloudonix REST API  using the Call and Session Control API Methods.

Once the token has been notified to Cloudonix, the mobile application MUST use the that token to identify its dialing attempt to Cloudonix. Once a token had been used, it is no longer valid and can’t be used again.

Why Is This Better?

RegFree Dialing™ provides the following advantages over traditional Username/Password authorization, which is common in SIP communications:

  1. Stronger Authorization
    As token are ephemeral and can’t be reused, the possibility of a man-in-the-middle attack, hi-jacking the session is impossible.
  2. Stronger Authentication
    Authentication is delegated to the backend servers, ensuring the mobile application – which is unsecured by definition is nothing more than a mere terminal.
  3. Reduced Power Consumption
    Traditional SIP requires the remote mobile application to announce itself to the server on a periodic basis. This process consumes both battery and network resources. RegFree Dialing doesn’t require these updates and relies on mobile OS push-notifications, reducing both network and battery usage footprint.
Personal Training Session  Start Free   Contact Sales
Get a personal training session, provided by one of our solution engineers to get your up and running faster. A one hour, hand-on, remote video conference that will bring you up to speed with all the features and capabilities of Cloudonix and its powerful Make.com application.