US regulator criticized Zoom security

0
596

US regulator criticized Zoom security

The US Federal Trade Commission (FTC) held talks with the developers of the Zoom video conferencing platform, following which the company was ordered to improve encryption methods and revise its security policy. This was reported on the official website of the regulator.

Zoom End to End
Zoom End to End

It was noted that Zoom was misleading users by claiming end-to-end encryption on its website. “Zoom misled users into a false sense of security. This is not permissible, since the site was used for conferences in which medical and financial companies participated, “ – says the text of the document published by the FTC.

In March, the Zoom developers said that by end-to-end encryption, they meant that during conferences, information transmitted over the cloud is not decrypted by the server. But according to the FTC, Zoom had cryptographic keys that could allow the company or third parties to access user conferences.

“During the pandemic, many families, schools, and businesses are using video conferencing to communicate and work, making the security of these platforms more important than ever,” said Andrew Smith, director of the FTC’s Consumer Protection Bureau. –  Security techniques Zoom does not conform to the declared and a new approach, which we have arrived in our agreement, should make use of the Zoom safer “.

The agency also found that Zoom provided incorrect information to users who used the function of recording and storing conferences. For 60 days after recording, the videos were stored on an unencrypted Zoom server and only then transferred to secure cloud storage. This puts users’ confidential data at serious risk.

Also Read:  Zoom video conferencing participants can now be seated in a virtual room using Immersive View

Fortunately, on October 26, Zoom received an update that added end-to-end E2E encryption for paid and free users in conferences of up to 200 people. For larger conferences, the company will release an update in the future.