Twilio Programmable Video is based on the open standard WebRTC protocol. The security architecture is described here and the protocols used include TLS, DTLS and SRTP. All communication between a Programmable Video client and the Twilio cloud is encrypted.
In the case of Group Rooms each participant has its own private key exchanged with the media server using DTLS 1.2/SRTP. All media published to or subscribed from the Room is transported through this secure connection. The encryption key exchange uses a technique known as Perfect Forward Secrecy (PFS). In the case of P2P Rooms and WebRTC Go Rooms the private key is exchanged directly with the remote peer.
In cases where TLS is required to establish the media path only TLS 1.2 is supported. The following is the supported cipher suite: