What peer-to-peer (P2P) video calls are — and why they can be more private
Last updated: July 2026
Most video calls do not go directly between the people on them. The audio and video travel up to a company's servers, get processed there, and come back down. A peer-to-peer (P2P) call skips that middle: the media goes straight from one device to another. It is a small architectural difference with a real privacy consequence — and it is worth understanding what it does, and does not, protect. This explains what P2P calls are, how they are encrypted, and where the approach genuinely has limits.
What a peer-to-peer call actually is
In a peer-to-peer call, two devices open a direct connection and send their streams to each other over it. The technology underneath is WebRTC, the same real-time engine built into browsers and native apps, whose default connection model is exactly this direct, device-to-device path.
A signalling server still helps the two sides find each other and exchange the details needed to connect — but once the call is established, the media itself does not route through it. In the normal case, your camera and microphone reach the other person without ever passing through a media server that could see or keep them.
How P2P calls are encrypted
WebRTC does not make encryption optional. Every media stream is protected with DTLS-SRTP: the two peers run a DTLS handshake to agree on keys, then the actual audio and video are encrypted with SRTP using those keys.
Because the keys are negotiated directly between the two devices, the media on that direct path is encrypted end to end — encrypted on your Mac, decrypted only on the other person's. Anything sitting in between sees ciphertext, not your conversation.
Why P2P can be more private
The privacy argument is mostly about where your call lives. In a server-relayed architecture, the media has to be handled by the vendor's infrastructure to be mixed, routed or recorded — which means there is a point where your unencrypted audio and video exist on someone else's machine, and potentially somewhere they can be stored, logged, or requested later.
In a direct peer-to-peer call there is no such point: media that never reaches a server cannot be retained or breached there. For a private one-to-one or small-group conversation, "it never left our two machines" is a stronger position than "the vendor promises to delete it."
The honest limits of P2P
Peer-to-peer is not free of trade-offs, and it is important to say so plainly:
- It does not scale. In a full mesh, every participant sends their stream to every other, which is N×(N−1) streams in total. That is fine for a few people, but past roughly five it exhausts most home and office upload bandwidth. This is why large meetings and webinars use a central media server — and why a genuinely peer-to-peer app keeps its group small on purpose.
- Restrictive networks can block the direct path. Some corporate firewalls and symmetric NATs simply will not allow a direct device-to-device connection. When that happens, the call needs a relay to get through at all.
- A relay changes the privacy math — but how much depends on the relay. A media server (an SFU) terminates the encryption and can see your streams. A packet relay (a TURN server) does not: it forwards the still-encrypted DTLS-SRTP packets without ever holding the keys, so it moves your media without being able to read it. The difference between "the server can see your call" and "the server only shuttles encrypted packets" is the whole point.
How Møt handles it
Møt is built on this model. Calls are peer-to-peer by default — audio and video go straight between Macs, and in the normal case nothing is stored on a server. It caps at five people, which is not an arbitrary number but the shape a mesh can actually sustain.
If your network blocks the direct path, an encrypted relay can carry the call so it still connects — and even then it is a packet relay, so the server never sees your decrypted media; the DTLS-SRTP keys stay between the Macs on the call. Møt is macOS-only and free during early access, with no account.
If you need a large meeting, a webinar, cloud recording, or people joining from a browser, a server-based tool is the right choice — see Møt vs Zoom for where each fits. If you want a small, private call that stays between the people on it, that is exactly what peer-to-peer is for.
Questions, answered
What is a peer-to-peer video call?
It is a call where two devices connect directly and send audio and video straight to each other, instead of routing the media through a company’s server. WebRTC, the engine behind most modern calls, uses this direct device-to-device path by default.
Are peer-to-peer video calls encrypted?
Yes. WebRTC mandates DTLS-SRTP: the two peers negotiate keys directly and encrypt the media with them, so on the direct path the audio and video are encrypted end to end — readable only on the two devices in the call.
Are P2P calls more private than Zoom?
They can be, because the media never sits on a vendor’s server to be stored or breached there. But P2P does not scale to large groups, and restrictive networks may need a relay. For big meetings, webinars or cloud recording, a server-based tool like Zoom is the better fit.
Do peer-to-peer calls always avoid servers entirely?
No. A signalling server still helps the two sides find each other and set the call up, and if the network blocks a direct connection an encrypted relay may carry the media. With a packet (TURN) relay the server only forwards still-encrypted packets and cannot decrypt them.