Want to keep the TNW Conference vibe going?? Tickets for TNW2022 are available now >>

The heart of tech

This article was published on October 15, 2020

Zoom is getting end-to-end encryption next week — but you’ll have to turn it on manually

Zoom is getting end-to-end encryption next week — but you’ll have to turn it on manually
Ivan Mehta
Story by

Ivan Mehta

Ivan covers Big Tech, India, policy, AI, security, platforms, and apps for TNW. That's one heck of a mixed bag. He likes to say "Bleh." Ivan covers Big Tech, India, policy, AI, security, platforms, and apps for TNW. That's one heck of a mixed bag. He likes to say "Bleh."

In June, after relentless pressure from privacy advocates, Zoom said that it’ll extend end-to-end encryption to free users of its video conferencing service, beyond its previous limit to only paying customers. Now, the company is set to roll it out starting next week, but just as a preview with certain limitations.

To be clear, Zoom‘s meetings were protected by AES 256-bit GCM encryption. So, your text, video, and audio were safe from snooping while in transit. However, these encryption keys were generated on Zoom‘s servers, and attackers could target it to snoop on users. On the other hand, if a meeting has end-to-end encryption protection, only participants will have these keys. 

In May, the company acquired Keybase.io, an encryption-based identity service, to build the end-to-end encryption offering.

Zoom says that encrypted meetings won’t be turned on by default. The host or admin has to enable it at the account, group, or user level. Plus, before each meeting, everyone has to turn it on explicitly to join. You’ll see a green shield on the top-left corner of your meeting screen to indicate that this meeting is protected by end-to-end encryption.

Enabling end-to-end encryption in a zoom meeting

If you’re a free user, to use end-to-end encryption, you’ll have to first verify yourself through two-factor authentication using a code sent to your phone via SMS.

In this preview stage, if you enable end-to-end encryption for your meeting, you won’t be able to use features such as joining before the host, cloud recording, streaming, live transcription, breakout rooms, polling, and 1-on-1 private chat. And while Zoom can host up to 1,000 participants on an enterprise plan, the end-to-end encryption feature will be limited to meetings with up to 200 participants. 

Zoom says that this feature will be in the beta phase for 30 days to collect feedback from users. The company is planning to roll out the second phase of end-to-end encryption (out of four planned phases) with better identity management.

Also tagged with