Written by Tim Starks
Zoom says it will preview its end-to-end encryption feature for all users, free and paid, as the first phase of its plan to fully roll out the security technology.
It’s the latest security step for a video conferencing platform that took off in the early days of the COVID-19 pandemic, but also underwent criticism over its user data protection mechanisms.
The technical preview of end-to-end encryption is the inaugural phase of four, the company said Wednesday, with the idea that it will solicit user feedback during a 30-day period. End-to-end encryption means that no outsiders can access a call, not even law enforcement or Zoom itself.
“In typical meetings, Zoom’s cloud generates encryption keys and distributes them to meeting participants using Zoom apps as they join,” the company explained in a blog post. “With Zoom’s E2EE, the meeting’s host generates encryption keys and uses public key cryptography to distribute these keys to the other meeting participants. Zoom’s servers become oblivious relays and never see the encryption keys required to decrypt the meeting contents.”
In May, Zoom said it would only offer end-to-end encryption to paid users. By June, it reversed the decision and expanded its plans to include free users.
In April, amid criticism from security experts and as the word “Zoombombing” sprung into existence to describe outsiders invading Zoom calls to post offensive content, the company apologized and pledged to spend the next 90 days working on security.
“End-to-end encryption is another stride toward making Zoom the most secure communications platform in the world,” Zoom CEO Eric Yuan said Wednesday. “This phase of our E2EE offering provides the same security as existing end-to-end-encrypted messaging platforms, but with the video quality and scale that has made Zoom the communications solution of choice for hundreds of millions of people and the world’s largest enterprises.”