In its efforts to strengthen security on the platform, Zoom is planning to add video call encryption to the paid versions of the service. In an exclusive interview with Reuters, Zoom security consultant, Alex Stamos said that the plan is still work in progress and will be subjected to change because of uncertainty over qualification criteria for non-profits and political dissidents to use more secure video calling service on the platform.
Stamos also clarified in the interview that only paid users will get more secure video calling, and that the capability will not be released for the free version of the service. Stamos explained:
“From a business perspective, it is hard to earn money when offering a sophisticated and expensive encryption service for free. Facebook is planning to fully encrypt Messenger, but it earns enormous sums from its other services”.
Zoom Security Concerns
The prevailing global COVID-19 pandemic has disrupted life but has been beneficial for Zoom. As all social, economic, political and educational activities have moved online, Zoom’s easy-to-host-and-join audio and video calls have gained tremendous popularity. The company reported up to 300 million daily users on the platform in March. However, that popularity served as a double-edged sword for the service and highlighted the weak security walls on the platform which led to many unfortunate incidents.
Zoom-bombing is a concerning issue on the platform, where miscreants joined meetings randomly and left racist, sexist, and pornographic comments and images. Such trolling during educational video conferences was pressingly disturbing for younger attendees.
Another concern is the easily exploited vulnerabilities on the platform which allow data poachers to steal private user information. In past months, there were a number of reports on Zoom user data leaked on the dark web being sold for cents. The service’s weak security walls got it banned from Google and other companies around the globe.
Luckily, the highlighted weakness have pushed the company towards resolving security issues to gain user trust. Alex Stamos said:
“At the same time that Zoom is trying to improve security, they are also significantly upgrading their trust and safety”.
He explained that the company is consciously not moving towards end-to-end encryption on the platform because in incidents of harassment, Zoom security team would not be able to know and remove the deviant account from the platform.
Through a series of updates, the company has addressed many security issues by establishing barriers to prevent Zoom-bombing and data theft. Read more:
- New Ringtones, File sharing, Joining from Multiple Devices, and More
- GCM encryption to protect user data
- Improved security interface and hides Meeting IDs by default