The coronavirus epidemic has caused employees and students all over the world to switch to online alternatives for education and work. Zoom, the video conferencing platform, is one of the applications whose use has spiked amid the outbreak.
However, a new report has stated that Zoom meetings are not as safe as they are advertised because they do not come with end to end encryption despite their marketing material stating that they do.
End to end encryption normally means that no outsider has access to any conversations taking place within the app but it appears that Zoom is using its own definition of the term. As it turns out, Zoom itself has access to both video and audio being exchanged in a conference at all times.
When reached out for comment, a Zoom spokesperson said:
Currently, it is not possible to enable E2E encryption for Zoom video meetings. Zoom video meetings use a combination of TCP and UDP. TCP connections are made using TLS and UDP connections are encrypted with AES using a key negotiated over a TLS connection.
This type of encryption is known as transport encryption and it is different from E2E. This means that audio and video content on Zoom will stay private from anyone spying on the WiFi but won’t be private for the company. However, Zoom does claim that they do not have access to or sell personal user data.
Although Zoom is offering reliability in terms of usage, the fact that they lack E2E despite proudly marketing it everywhere raises a lot of concern for millions of users around the globe depending on the platform for their work.