Resolving security issues on its platform, Zoom has released AES 256-bit GCM encryption with its latest version 5.0 update. The encryption mode is set as a protective barrier for user meeting data as resistance against possible hacking attempts.
As part of the upgrade process initiated on 27th April, Zoom users are requested to upgrade apps to version 5.0 with GCM protection by 30th May. After the deadline, the platform will force upgrade older Zoom app versions before commencing an online session.
How does GCM Encryption protect Zoom users
The Galois/Counter Mode, GCM, is an encryption algorithm designed for data confidentiality and authentication. This encryption algorithm is stream cipher which generates unique initialization vector, authentication tag and cipher text for each stream to ensure data protection. Thus, making it an ideal choice for video calls or conferences.
Although, the service does not support end-to-end encryption, 256-bit AES GSM is the much needed high-quality upgrade on the platform from the previously used 128 AES ECB.
Security risks and Cyber attacks
Zoom is designed to instantly commence audio and video conferencing with screen sharing capability via shared meeting ID. Therefore, the company did not invest in putting up strong security walls against cyber threats. After the app became relevant during the COVID-19 pandemic and gained millions of daily active users, they faced multiple cyber attacks, trolling incidents, data breaches and other vulnerbilities.
All the issues and concerns highlighted the weak areas of the platform. Acknowledging the prevailing security threat to users, Zoom has been working on ensuring a safe and protected environment on its service.
- Allowed users to report intruders to the company
- Improved security interface and hides Meeting IDs by default
- Enabled virtual waiting rooms and meeting passwords by default to stop trolling
Zoom is a unique platform which allows user to connect with a number of people conveniently, without making yet logging in. More importantly, the screen sharing feature gives it an edge over all other group calling services. If the company is able to ensure data and privacy protection for its users, the platform will continue to be relevant even after the pandemic is over.
The latest version of the app is available for all devices. Update your Windows, macOS, iOS and Android apps from here.
