On June 17, the popular video conference app, Zoom, officially announced that end-to-end encryption, or E2EE, has finally arrived for their software. It will be provided to both free and paid users, so long as their account has passed the company’s verification process.
According to the announcement, during the beta phase that will start from July, users should verify their phone numbers via a text message. The aim of this step is to prevent the mass creation of abusive accounts.
Zoom commented:
“We are confident that by implementing risk-based authentication, in combination with our current mix of tools - including our Report a User function - we can continue to prevent and fight abuse.”
The company says that all Zoom users will continue to use AES 256 GCM transport encryption as the default encryption, which they rate as “one of the strongest encryption standards in use today.”
E2EE as an optional function
According to Zoom’s whitepaper, E2EE will be an optional feature that limits some meeting functionality, such as the ability to include traditional PSTN phone lines or SIP/H.323 hardware conference room systems, says Zoom.
On May 7, Keybase, a secure messaging and cloud-based file-sharing services funded by the Stellar Development Foundation, became a subsidiary of Zoom. Its team will lead security engineering work to develop an end-to-end encryption feature available for paying customers.
Keybase co-founder, Max Krohn, joined Zoom as the lead of its security engineering team. Keybase’s services are verifiably signed by Keybase and hashed into the Stellar blockchain.
Recent controversies
Although its stats have skyrocketed due to the COVID-19 pandemic, Zoom has been accused of sending data from users of its iOS app to Facebook, and making false claims that video calls were encrypted, while half a million Zoom accounts have recently surfaced on the darknet.
On June 02, the Zoom’s CEO, Eric Yuan, said that they hope to create space for collaboration with the FBI and other authorities.
As reported by Cointelegraph, Zoom’s security failures have stimulated the development of blockchain-based video chat solutions.