Zoom will offer stronger encryption for paid accounts
The plans have been confirmed by the company's security consultant Alex Stamos
Zoom is planning to roll out stronger encryption for businesses and institutions that pay for its service.
Zoom’s security consultant Alex Stamos, who was poached by the company in early April, has confirmed the news but added that the plan was subject to change.
According to Reuters, Stamos has not yet decided whether stronger security measures could also potentially be rolled out for non-profit organisations or users in need of an extra layer of protection, such as political dissidents.
“At the same time that Zoom is trying to improve security, they are also significantly upgrading their trust and safety,” Stamos told Reuters in an interview published yesterday.
“The CEO is looking at different arguments. The current plan is paid customers plus enterprise accounts where the company knows who they are.”
He added that providing full encryption for every meeting would leave Zoom’s trust and safety team unable to add itself as a participant in gatherings to tackle abuse in real-time.
Zoom hired former Facebook security chief Stamos following numerous security incidents which threatened the immense popularity of the video conferencing platform, such as ‘Zoom-bombing’, which led to numerous companies and institutions banning the use of the platform.
Zoom attracted millions of users and became the most popular video conferencing platform globally. With the majority of its audience using the free version of the platform, Zoom might be trying to increase the number of its paid users and regain the trust of businesses by promising a higher level of security for its paid subscription models.
However, a similar announcement from Facebook, which plans to implement end-to-end encryption across all of its messaging systems, has garnered criticism from its shareholders.
Zoom had been previously criticised for not using end-to-end encryption despite specifically stating that it does on its website. The company finally implemented the 256-bit AES-GCM encryption standard in late April.
Consumer choice and the payment experience
A software provider's guide to getting, growing, and keeping customersDownload now
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and conformance for email securityDownload now
Business in the new economy landscape
How we coped with 2020 and looking ahead to a brighter 2021Download now
How to increase cyber resilience within your organisation
Cyber resilience for dummiesDownload now