In a statement the company said, “Zoom released an updated E2EE design on GitHub. We are also pleased to share that we have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform. This will enable us to offer E2EE as an advanced add-on feature for all of our users around the globe – free and paid – while maintaining the ability to prevent and fight abuse on our platform.”
The company claimed that they will only make the feature available to users who provide a verified phone number. The official blog stated, “Free/Basic users seeking access to E2EE will participate in a one-time process that will prompt the user for additional pieces of information, such as verifying a phone number via a text message.”
The company plans to fight abuse by introducing this new authentication process combined with the existing tools like Report a User function.
The end to end encryption feature will initially be launched in a beta version in July. In the meanwhile, all Zoom users will continue to use AES 256 GCM transport encryption as the default option.
Once implemented, the hosts will be able to toggle end to end encryption on or off, in accordance with their needs. Account administrators will also have the authority to enable and disable the new encryption function at the account and group level.
The company claims the new encryption will limit some of the functionality of the platform like the ability to include traditional PSTN phone lines or SIP/H.323 hardware conference room systems.
E2EE will be an optional feature as it limits some meeting functionality, such as the ability to include traditional PSTN phone lines or SIP/H.323 hardware conference room systems. Hosts will toggle E2EE on or off on a per-meeting basis.
Account administrators can enable and disable E2EE at the account and group level.
We are grateful to those who have provided their input on our E2EE design, both technical and philosophical. We encourage everyone to continue to share their views throughout this complex, ongoing process.
Recently, Zoom hired former chief security officer at Facebook Inc Alex Stamos to help bolster its security and rolled out some major upgrades. The platform has been facing a lot of flak for issues with its security. Zoom was also under fire for not revealing to the user that they did not provide end to end encryption.