Now, Zoom is changing its mind, by announcing everyone using the video conferencing software will receive AES 256 GCM protection. The feature won’t be limited to Zoom enterprise users. It’s coming to both free and paid users. It will appear as a switch any call, so administrators can enable or disable at the account or group level. Zoom indicated free users need to go through a verification process to enable encryption.
“Zoom does not proactively monitor meeting content, and we do not share information with law enforcement except in circumstances like child sex abuse,8221; said Zoom at the time. “We plan to provide end-to-end encryption to users for whom we can verify identity, thereby limiting harm to these vulnerable groups. Free users sign up with an email address, which does not provide enough information to verify identity.”
Zoom now appears to be backpedaling and simultaneously introducing a workaround, by offering free users encrypted calls if they do a one-time verification. They must provide additional information, such as verifying a phone number via a text. “Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts,8221; Zoom explained.
Zoom described its verification process as 8220;risk-based authentication8221; that will 8220;fight abuse8221;. Once verified, Zoom will offer AES 256 GCM transport encryption by default, which it said is “one of the strongest encryption standards8221;.