Spoke has implemented "bank-grade" call recording security to ensure that only eligible users are able to play a call recording.
Here is how Spoke's secure call recording works:
- The call is recorded over HTTPS on Twilio.
- Once the call recording (audio file) is generated, Spoke deletes the audio file off Twilio, and moves it to a secured Spoke Phone s3 bucket on AWS.
- Spoke then generates a tokenized URL for [accessing] the call recording.
- The tokenized URL expires after 15 minutes.
- To access the recording, a new token has to be generated, which is automatically done by the Spoke Phone app and Account portals when accessing call recordings from inside the Spoke Phone ecosystem.
- If anyone were to share the call recording URL (inside or outside outside the company), no one can play the call recording unless they generate a new token, which they cannot do without the correct encryption keys and applications.
Customers are also able to move and/or copy the call recording from/off Spoke to their own servers (for storage or further analysis, etc.), and Spoke can automate that as part of the customer's implementation.