Updated: Oct 27, 2021
Our customers’ needs sparked the rollout of our new end-to-end encryption (E2EE) offering last October, and now we’re taking the next step in our security journey by expanding our E2EE offering to Zoom Phone, as well as developing two exciting new technologies: a Bring Your Own Key (BYOK) offering and Verified Identity.
Previously only available in Zoom Meetings, our E2EE offering will be extended to Zoom Phone. Users will have a new option to upgrade to E2EE during one-on-one phone calls that occur via the Zoom client.
During a call, users can click “More” to find the option to enable end-to-end encryption. The upgrade takes under a second and helps add an extra layer of security to users’ phone calls occurring over Zoom. Additionally, users will have the option to verify E2EE status by providing a unique security code to one another.
With our BYOK offering, both Zoom and the customer are responsible for establishing a security framework. Customers using BYOK will own and manage a key management system (KMS) in AWS, which will contain a customer master key (CMK) that Zoom cannot access or see. Zoom will interact with the customer’s KMS to obtain data keys for encryption and decryption and will use these data keys to encrypt and decrypt customer assets before those assets are written to long-term storage. Zoom will not store plaintext data keys in long-term data storage.