Zoom, a videoconferencing service, recently announced that it will begin to allow its users end-to-end encryption of calls starting with a beta next month.
The feature which was previously available to paid enterprise users is now coming to both free and paid users. The company says it will be a toggle switch any call admin can turn on or disable, in the event they want to allow traditional phone lines or older conference room phones to join.
Zoom had earlier this month said it might not be able to guarantee end-to-end encryption for free users out of concern that the app could be used for unlawful activity. Strong encryption would make it difficult for the FBI and other law enforcement agencies to access the data on free calls.
A company spokesperson said, “Zoom does not proactively monitor meeting content, and we do not share information with law enforcement except in circumstances like child sex abuse.
“We plan to provide end-to-end encryption to users for whom we can verify identity, thereby limiting harm to these vulnerable groups. Free users sign up with an email address, which does not provide enough information to verify identity.”
The videoconferencing service had been caught in a fiery web of criticisms for security lapses since the outbreak of the COVID-19 pandemic as its number of users surged as many took advantage of it for virtual meetings and hangouts during the lockdown.
The company had however spent the time improving its security and worked on a new encryption solution.
The company’s security efforts though still a work in progress yet it seems it has figured out a way around the flaws. Zoom in a blog post explained, “To make this possible, Free/Basic users seeking access to E2EE will participate in a one-time process that will prompt the user for additional pieces of information, such as verifying a phone number via a text message.
“Many leading companies perform similar steps on account creation to reduce the mass creation of abusive accounts. We are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our Report a User function — we can continue to prevent and fight abuse.”
