After many months of buildup, Zoom finally switched on its end-to-end encryption yesterday (Oct. 26), making the security and privacy feature available as a beta test for all Windows, Mac, Linux and Android users, free or paid. The iOS version is awaiting Apple's approval.
"This feature is available immediately as a technical preview, meaning that the company is proactively soliciting feedback from users for the next 30 days," wrote Zoom Security & Privacy PR Lead Matt Nagel in a Zoom announcement.
- Zoom security issues: Here's everything that's gone wrong (so far)
- How to use Zoom on iPhone, Android, Windows and Mac
- New: WhatsApp gets two killer upgrades — how to try them out
"When users enable E2EE for their meetings, nobody except each participant - not even Zoom's meeting servers - has access to the encryption keys that are used to encrypt the meeting," Nagel added.
To start using Zoom's end-to-end encryption, or E2EE as Zoom calls it, you've first got to log into your Zoom account on the Zoom website and go into your Settings. Then you've got to update the Zoom desktop software to version 5.4.0, or the Android app to version 220.127.116.114. We've got instructions for both below.
A few caveats
Even after all that's done, E2EE will not be used when you join a Zoom meeting unless the host decides to enable it on a per-meeting basis.
That's because, at least for now, E2EE won't let users join a meeting from the web-browser interface or by calling in over the phone. The E2EE client hasn't been developed for those interfaces yet.
"Individual Zoom users will want to weigh whether they need these options before enabling end-to-end encryption in their meetings," Nagel told us earlier this month.
We weren't able to find the switch to turn on E2EE when we started hosting our own meeting using the Windows desktop client, and we've asked Zoom about this. However, E2EE was enabled automatically when we started a hosted meeting using the updated Zoom app on an Android phone.
UPDATE: You've got to click the "Edit" button for your Personal Meeting ID, and then you'll see a choice between "Enhanced encryption" and "End-to-end encryption." Choose the latter and the meeting will have E2EE, as indicated by a green shield with a padlock in the upper left corner of the viewing screen.
To be honest, most users shouldn't need to use E2EE for most meetings, sexy as it sounds. Any Zoom meeting that requires a passcode is already encrypted to block access to everyone but the participants and Zoom itself. E2EE just makes sure that even Zoom servers and staffers can't see the content either.
That makes a lot of sense when you're discussing corporate or government secrets, or maybe just having a naughty Zoom party. But it's probably unnecessary when teaching a class or conducting a routine staff meeting.
How to turn on Zoom end-to-end encryption
1. Log into your Zoom online account, go to Settings and toggle on "Allow use of end-to-end encryption". A pop-up window will then appear asking you to verify this change.
2. Enter your mobile phone number in the pop-up window so that a temporary-one-time passcode can be texted to you. (Security fanatics will notice that this might not be the safest method.)
3. Type the one-time passcode you received on your phone into the appropriate field on your account page.
4. End-to-end encryption will now be allowed. But you're not yet done....
5. Change the default encryption type on your online account-settings page from "Enhanced encryption" to "End-to-end encryption" and click Save.
6. Update your Zoom desktop client on Windows or Mac: Click on the profile icon, then scroll down to and click "Check for updates."
6a. Update your Zoom Android app: Open the Play Store app, tap the upper left corner, tap My Apps & Games and see if an update is ready.
7. Zoom will update itself if new software is available on either platform.