Only an authenticated broadcaster on your account can publish a stream.
When a stream token is created, it generates a unique serial code, called a Publishing Token, that identifies you as a valid broadcaster for this account. A token is a long chain of alphabetical and numeral characters that is difficult to reproduce randomly.
Nevertheless, if you think the original token was compromised, or simply to ensure that any previous users will no longer be able to use the original token, you can renew the stream token. You can find more information here:
The publishing token is accessible on your Millicast dashboard. Access to your Millicast account is password protected. Currently Millicast allows five login attempts before the user is blocked for 1 hour.
For additional security, you can also lockdown a publishing token to a specific domain, or IP address using allowedOrigins or allowedIpAddresses when creating the token via our API:
WebRTC, the technology we’re built on, is a web and Internet standard and encrypts media by default for transport using DTLS-SRTP. You may refer to the full web standard here:
As for the security of our servers: our platform is hosted on Digital Ocean which has ISO 2700 and SOC 2 certifications. Digital Oceans statement of certifications is available at: