Zoom will offer stronger encryption to non-paying users after all. Initially, the intention was to make end-to-end encryption available only for paying users.
Due to the worldwide shift in remote working caused by the coronavirus, the Zoom video communication app became one of the services that saw its user numbers increase dramatically. However, this increase in numbers also brought with it several security and privacy issues, which led to Zoom taking a few months to roll out updates to fix those issues. However, the improved encryption (end-to-end) would only be rolled out for users with a paid subscription.
The reason Zoom initially specified for this decision, was because Zoom didn’t want to offer an easy to use and secure service for malicious parties. With end-to-end encryption, police would have a much more difficult task accessing sent data which would make Zoom an attractive service for rogue parties.
To accommodate users without a subscription, Zoom asks for verification (for example, adding a telephone number via SMS) before the encryption can be used. Initially, the feature will be automatically turned off, according to CEO Eric Yuan to prevent traditional phone lines and certain conference phone systems from dialling into a Zoom meeting.
The beta for the end-to-end encryption will most likely take place next month, and the encryption will be released later this year. Until then, all users will receive the AES 256 GCM encryption, which will soon be added to competitor BlueJeans.