Zoom, which shot to popularity at the onset of the Covid-19 lockdown as the messiah of work from home protocols, is finally rolling out end-to-end encryption across all its apps on various platforms. The feature comes after months of privacy and security debacles surrounding Zoom, which has seen the service grow from a bit-part enterprise communication service to one of the most-used apps in the world. Zoom’s end-to-end encryption is rolling out effective immediately, and while that is great, enabling it will mean that users will have to sacrifice a number of convenient features, such as live streaming, cloud recording of meetings, live transcription and more.
As part of a global press release, Zoom has revealed that its end-to-end encryption is using 256-bit AES-GCM end-to-end encryption standard for encrypting all forms of communication on the app. Once enabled, Zoom will use public key cryptography to distribute encrypted keys, using which a meeting host can distribute secure invites for participants to join. In comparison to standard 256-bit AES encryption, with end-to-end encryption, not even Zoom’s servers will be able to view the information being relayed from one user to another.
However, Zoom has clarified that enabling end-to-end encryption will disable a number of other features, which include cloud meeting recordings, live streaming to social handles, live transcription, Breakout Rooms, live polling in meets, 1:1 private chats, join before host and meeting reactions. These features presumably relay meeting information off Zoom’s servers to provide added benefits such as live closed captioning – something that can really help users in cross-language meetings across nations.
Phase one of rolling out end-to-end encryption for both free and paid Zoom users is beginning now, and the company states that phase two will be undertaken in 2021. As Zoom shot to popularity, it was hammered by numerous privacy and security threats, including ways for malicious hackers to crash Zoom meetings with lewd content, steal financial and otherwise sensitive data, and other related activities. In response, Zoom hired ex-Facebook security chief Alex Stamos as its security head, and has since been working to roll out new security features, of which end-to-end encryption was one.
While Zoom initially faced backlash for offering end-to-end encryption only for paid users, it soon backtracked on its announcement and made it available for all. The new encryption standard will be applicable for meetings with up to 200 participants, and is available immediately as technical preview. As a result, for the next 30 days, Zoom users will be able to actively submit feedback regarding the feature to Zoom, in order to help them improve the service.