A few months after being criticized for its partial management of encryption, Zoom announces the update of its videoconferencing service, which now supports end-to-end encryption and for all users, paid and free. After announcing a 90-day plan to integrate encryption and the buyout of Keybase, the message and file encryption specialist, Zoom is introducing encryption in its video conferencing tool. Zoom users now benefit from AES 256 GCM encryption. The news was announced by Eric S. Yuan, CEO and founder of Zoom, on the company’s blog.
” Since the release of Zoom’s End-to-End Encryption Design Draft (E2EE) on May 22, we have engaged with civil liberties organizations, our CISO board, child safety advocates, encryption experts, government officials, our own users, and others to gather feedback on this feature. We have also explored new technologies to enable us to offer E2EE to all levels of users.“Says Eric S. Yuan. “Today, Zoom publishes a new E2EE design on GitHub which will allow us to offer E2EE encryption as an advanced complementary function for all our users worldwide, free and paid, while retaining the possibility of preventing and fighting abuse on our platform“
Accessible to all accounts, the encryption function is optional and must be activated by the user, as it limits certain meeting functions, such as the use of traditional PSTN telephone lines or SIP / H hardware conference room systems. 323. Account administrators will be able to enable or disable E2EE at the account and group level. However, the activation of the end-to-end encryption function will be subject to an authentication step for users of Free / Basic accounts. This risk-based authentication step, combined with the previous tools implemented by Zoom, such as the “Report user” function, will prevent abuse, such as the now famous zoombombing.