Welcome.
My account  Sign Up
0
Username: Password:
Forgot your Username or Password?
Supported devices
ATA Adaptors
IP Phones
Cordless DECT IP Phones
IP Conference Phones
IP PBX Software/Hardware
Desktop Softphones
Mobile Softphones

Security considerations for Callcentric customers

3CX
3CX Version 6
3CX Version 12
3CX Version 12.5
3CX Version 15
3CXPhone (for Windows)
3CXPhone (Mobile)
Aastra 6753i
Acrobits/Groundwire for iPhone
Android SIP Client
Apivio MWP1100
Asterisk 1.4 and 1.2
Asterisk 1.6
Asterisk 1.6.2, 1.8, and 10
Asterisk Admin GUI
Bria Desktop
Bria Mobile
Callcentric Android App
Callcentric iPhone App
Callcentric Softphone
Cisco ATA 186/188
Cisco SPA112/SPA122
CloudTC Glass 1000
CSipSimple
D-Link DVG-1402S
Ekiga
Elastix
Gigaset A510 IP
Gigaset C610A IP
Gigaset DX800A
Grandstream DP715/710
Grandstream GXP1450
Grandstream GXP1620
Grandstream GXP1625
Grandstream GXP2110
Grandstream GXP2160
Grandstream GXP2200
Grandstream GXV3140
Grandstream GXV3240
Grandstream GXV3275
Grandstream HandyTone 286
Grandstream HandyTone 486
Grandstream HandyTone 702
Grandstream Wave
HTek UC803
HTek UC926
Innomedia SIP MTA-6328
Jitsi
Linksys PAP2
Linksys SPA3102
LinPhone Desktop
LinPhone Mobile
NCH Axon PBX
NCH Express Talk
Nokia E90
Obihai
OBi100/110
OBi200/202
OBi1032
pbx-in-a-flash
pbxnsip
pbxnsip Version 3
PhonerLite
Polycom SoundPoint IP 601
Polycom SoundStation IP 5000
snom 1xx/2xx/3xx
snom 820
snom M9
snom ONE
SFLphone
SJphone
Telco AC-211
trixbox / Elastix / pbx-in-a-flash
Twinkle
Windows Messenger
UTStarcom F3000
Vodia PBX
VTech VCS754
VTech VSP600
VTech VSP725
VTech VSP726
VTech VSP735
VTech VSP736
X-Lite / X-Pro / eyeBeam
Yealink T32G
Yealink W52P
Yealink T42G
Yealink T46G
Yeastar MyPBX U100
ZoIPer
ZoIPer 3.2
ZoIPer Mobile
Zoom 5801
Other Linksys/Sipura products
Generic / Other Device

DID-Based Routing with Asterisk
DID-Based Routing with trixbox / Asterisk Admin GUI / Elastix / PBX-in-a-Flash
Security considerations for Callcentric customers

Your calls and login process for Callcentric are very secure. To login to your account you will need to enter your information on our secure HTTPS portal (https://my.callcentric.com). This information is encrypted and is not sent in the open.

Calls are made with the SIP/2.0 protocol which is built to work with point to point connections. Essentially your call authentication information is only sent between your VoIP equipment (hardware or software) and Callcentric and is encrypted.

Keep in mind that we do not listen in on calls or have access to users' login passwords. We believe in customer privacy at Callcentric, as disclosed in our privacy policy.


How can I be sure?

To further protect yourself there are a few steps you may take with your Callcentric account. The information provided below is provided to assist you in both securing your end and protecting your account(s) with Callcentric.

Secure passwords

Choose passwords which are not easy to decipher when opening your account. You may use a random password generator, such as the one found here. In addition to choosing a secure password for your Callcentric account you will want to make sure that your email password is also secured. You may change your web login password and/or phone password at any time here.

For users using devices/software requiring login, a secure password will also help. Most notably users using PBX software such as Asterisk, pbxnsip, 3CX... etc will definitely want to ensure they are using complex passwords as PBX systems are common targets for third parties to hack and use for fraudulent purposes. Weak passwords are the most common way a PBX extension(s) can be compromised and used for calls that will be charged to your Callcentric account.

We are not responsible for unwanted access to software or hardware, and calls made from these software and hardware, on the user's end.

Restrict calling areas

If you only call certain countries or areas of the world from your Callcentric account we suggest you disable calling to areas you either never or infrequently call. You can configure within Preferences under the setting "Allow calls" to allow calls "Everywhere" in the world (no restrictions), or you can choose to only allow calls to specific countries and/or regions of the world. For example if you never or rarely call anywhere in Africa you can choose to disable calls to all of Africa. When calling a region/country that has not been allowed you will be directed to an error message stating calls are not enabled to this area.

We strongly recommend customers using IP PBX's (such as Asterisk, 3CX, pbxnsip, etc) only enable calling to areas/countries you actually call as a fraud control should your IP PBX be compromised. This will in many cases prevent expensive calls from being placed on your Callcentric account should your IP PBX be compromised, as most fraudulent calls are placed to generally expensive and frequently un-called areas of the world by most of our customers.

Network settings

Most users today use routers to access the internet. While this may be advanced for some users we highly recommend that you check the basic security settings for your router to make sure that remote login is not enabled and, if it is, that it is secured with a strong password.

Remote access may also be investigated to make sure that only the wanted users have access to make changes and actually login to your network. A secure network will also lead to less worry, and not just with Callcentric.

Finally for some users, mainly users of PBX systems such as 3CX and especially Asterisk based systems, unwanted access should be a top concern. In general if you do not have a basic understanding of networks and authentication it is highly recommended that you speak to a professional or someone with more experience in these fields in order to make sure you are using the correct solution for your needs.

The list below provides some information which will certainly be beneficial in these cases:

NOTE: Some of the information below may be too advanced for certain users. If you do not understand the information below then we highly recommend visiting a forum or speaking with someone more familiar with these concepts.

  • Use port security options, such as fail2ban, portsentry, portmap...etc to secure local ports and monitor for unwanted traffic
  • Use firewalls to secure the system locally by limiting access for the services you actually need to run on your system
  • Blocking ports at the gateway/router level can also provide extra security for your network and is recommended
  • Block services which are not being used using xinetd.conf or inetd.conf
  • Properly secure ssh, ftp and/or telnet services to prevent unwanted access
  • Make sure the sudo command allows access to only the necessary users. This is done in the /etc/sudoers file on most unix systems
  • Make sure that the root account is secured and if necessary is disabled in favor of a user who can use the sudo command
  • Check your running services and disable any unneeded services. For example if you do not need an ftp server you may want to disable it
  • Make sure that local extensions on your PBX have secured passwords to prevent easy access


Callcentric services have proven to be among the best offered on the internet. We take pride in knowing that our clients have found what they are looking for. As such we believe that any single Callcentric client should be able to trust that we can deliver the features and services they need as well as believe that the client can access their accounts and use their software or hardware without any serious concern. We do hope that the above information has helped you secure your initial account options and welcome you to contact us if you have any further questions or issues.