Encryption key overview

Genesys Cloud uses encryption to protect recorded voice interactions, digital interactions, screen recordings, and interaction transcripts from unauthorized access.

Encryption algorithm

Genesys Cloud’s encryption algorithm uses strong 3072-bit public/private key pairs to encrypt the Data Encryption Key (DEK), with the recording data encrypted with AES 256 bit encryption, to create unreadable records that may be safely stored off-premises. The use of long and strong cryptographic keys provides an effective defense against brute force attacks. Public and private keys in a pair are mathematically linked. The private key is used to decrypt anything encrypted by its corresponding public key.

Encryption key updates

Changing encryption keys regularly helps ensure the safety of your recorded interactions by limiting the number of recordings that a given key can access. For more information about how to change a key, see Modify the Key change schedule and Change key now.

Note: We recommend using scheduled key rotation with a short interval.
Note: You cannot currently download encryption keys.