Share

• Copy link
• Facebook
• X
• Reddit
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the Tom's Guide Newsletter

Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!

Become a Member in Seconds

Unlock instant access to exclusive member features.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Daily (Mon-Sun)

Tom's Guide Daily

Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.

Signup +

Weekly on Thursday

Tom's AI Guide

Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!

Signup +

Weekly on Friday

Tom's iGuide

Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.

Signup +

Weekly on Monday

Tom's Streaming Guide

Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.

Signup +

---

Join the club

Get full access to premium articles, exclusive features and a growing list of member rewards.

Explore

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

Zoom has had a rough go of it in the press as of late when it comes to privacy and security issues. [Editor’s note: This article has been updated with a reply from Mozilla explaining its survey methodology.]

But according to a new report, Zoom meets the same security standards as other virtual meeting services, such as Google's Hangouts apps and Skype, and even scores higher than Apple's FaceTime. Your friends & family's favorite Zoom alternative, however, may not. 

The report published today (April 28) by Firefox browser maker and web privacy vanguard Mozilla gives Zoom an award that almost sounds backhanded: "Meets Our Minimum Security Standards." But don't let that dissuade you: Zoom got a security rating of 5/5 in the report, while FaceTime got only 4.5/5. 

• Zoom privacy and security issues: Here's everything that's wrong (so far)
• The best Zoom alternatives for video conferencing
• Just in: Zoom 5.0 is out now —  how to upgrade and what's new

According to Mozilla, this means Zoom fulfills the requirements that "all products should meet in order to be sold in stores." Or in Zoom's case, given out for free online.

Zoom's 5/5 score on the report includes winning a point for using some encryption, even though Mozilla notes that while "Zoom uses encryption. It does not use end-to-end encryption." 

The rest of Zoom's "perfect" score is earned by the client software getting multiple security updates each month, Zoom requiring strong account passwords, Zoom providing a program for reporting vulnerabilities and Zoom publishing a privacy policy online. 

Show me the data

That's a pretty good minimum threshold, but we've got some questions about the survey.

Google's Duo, Hangouts and Meet (even Mozilla thinks Google has too many messaging apps) collectively got 5/5 stars, but the write-up exposes a flaw in the report. 

"Google Duo" Mozilla says, "is the only one of the three apps that claims to use end-to-end encryption."

It's hard to see how Mozilla reached its conclusions about the encryption of every video-call service it examined. Did Mozilla do a technical examination, capturing every data packet as it went out over Wi-Fi? Or did it just take each service's word for how good the encryption was?

It sounds like Mozilla chose the second option. The footer of the study notes: "The information provided here is pulled directly from the product website." 

Individual reports, such as the one for Microsoft Teams, can be a bit fuzzy: "Microsoft Teams uses encryption. It does not appear Microsoft Teams uses end-to-end encryption." 

That's not much of a definite conclusion. We reached out to Mozilla for more information and Mozilla’s VP of Advocacy and Engagement, Ashley Boyd, responded, saying it "entailed combing through privacy policies and other documentation; examining the apps' features and controls; reading relevant news coverage; and corresponding with companies when clarification was needed." Boyd confirmed the absence of technical encryption analysis, saying Mozilla "studied apps' privacy policies and other documentation materials."

Taking their word for it

If any of these services is ever found to be lying about its encryption standards and implementation (such as when The Intercept proved last month that Zoom's "end-to-end encryption" was bogus), the study's scoring may need to be updated.

The stated requirements all seem like basic standards, but they're not met by all. Houseparty, which has had its own (likely misguided) security kerfuffle recently, got a failing 4/5 score (even though it uses some encryption). 

That's due to Houseparty's weak password requirements, which have only a five-character minimum. It even let Mozilla's researchers use "12345" as a password. 

Discord (which also uses encryption) also got a failing 4/5 score because of poor password standards (six-character minimum, "111111" allowed).

Apple's FaceTime got a 4.5/5 passing score, that half-point docked because of lower password standards set around FaceTime calls, even though "Users can and should password protect their phone to keep unwanted people from making FaceTime calls." 

FaceTime, however, does have end-to-end encryption -- or at least Apple says it does.