One of the controversies that have most affected Zoom’s reputation in recent months has revolved around end-to-end encryption of the video conferencing application… or rather its non-existence.
First, it was discovered that such encryption was not such, then it was ruled out that free users could access it once it was implemented. But now the company surprises us with a change of course that reinforces the privacy of the user.
Zoom recognized in March that the information circulates encrypted between the sender and the app’s servers, and between them and the receiver, but that, in between, the information remained exposed. According to a company spokesperson at the time, “E2E (end-to-end) encryption is not currently possible for Zoom video meetings.”
Shortly afterwards it became known that the case was even more serious, because part of the servers were located on Chinese soil. And already earlier this month, after having verified that all these controversies had not prevented them from growing dramatically in the number of users, the CEO of Zoom warned that they would only integrate end-to-end encryption for paid users, but not for the rest.
A beta encryption and limited functionality
However, the company has decided to change its mind, and has just announced that, after speaking with experts, government representatives and civil liberties and child protection organizations, the Zoom repository on GitHub has just added an update that includes an E2E encryption function for all users, including those with free accounts.
“This will allow us to offer E2EE as an advanced complementary feature for all of our users. […] while maintaining the ability to prevent and combat abuse on our platform. “
According to Zoom, access to this function (which we will not be able to see working until July, and even then only as ‘beta’) It will require an additional process of verification of personal information, such as sending a code by SMS to verify our mobile number.
“Many leading companies take similar steps in account creation to reduce the massive creation of abusive accounts. We are confident that by implementing this ‘risk-based authentication’ [podamos] continue to avoid and combat abuse. “
Another limitation of this system will be that, As long as encryption remains enabled, it will be impossible to include PSTN phone lines in the conversation traditional or SIP / H.323 conference room systems.
Track | Zooom blog
Zoom changes its plans and will implement end-to-end encryption for all users