Zoom planning stronger security for paying customers: report

Zoom planning stronger security for paying customers: report
© Getty

Zoom will strengthen encryption protections for paying customers, an official with the video conferencing provider told Reuters Friday.

Security consultant Alex Stamos confirmed the move Friday after the company initially broached the subject Thursday during a call with civil liberties advocates and anti-sex abuse activists.

Stamos told Reuters the plan was still being finalized and that the company has not reached an ultimate decision on whether anyone beyond paying clients, such as nonprofits or political dissidents, would qualify for the accounts with stronger encryption.

ADVERTISEMENT

The company previously strengthened encryption for all users with the release of the latest version April 27, and is currently exploring options for end-to-end-encrypted video chats.

Lockdowns throughout most of the U.S. have led to an explosion in popularity for the service for uses including schooling, business meetings and social hangouts, but its newfound ubiquity has led to so-called “Zoom-bombings,” often featuring explicit and racist language, by uninvited attendees.

The tactic has targeted events including a virtual graduation ceremony for Oklahoma City University students and a virtual event aimed at preventing youth violence in Louisville, Ky.

The company hired Stamos, a former chief security officer for Facebook, after such security failures led some institutions to ban its use entirely.

“At the same time that Zoom is trying to improve security, they are also significantly upgrading their trust and safety,” Stamos told Reuters. “The CEO is looking at different arguments. The current plan is paid customers plus enterprise accounts where the company knows who they are.”

Stamos told the news service that full encryptions for all meetings would not solve the problem, as it would prevent the company’s trust and safety teams from entering meetings if those abusing the platform entered them. Meanwhile, an “end-to-end” format, in which only the participants and their devices would have access, would keep out anyone calling from a phone line.

Stamos and another person familiar with the matter said the company is also dealing with agencies such as the Federal Trade Commission, which are probing whether it has exaggerated or lied in previous claims about encryption.

“Zoom’s approach to end-to-end encryption is very much a work in progress - everything from our draft cryptographic design, which was just published last week, to our continued discussions around which customers it would apply to,” a Zoom spokesperson told The Hill.