Advanced chat encryption in the Zoom app
Advanced chat encryption secures chat messages between Zoom users. With advanced encryption, all chat messages are encrypted using the TLS 1.2 protocol with the Advanced Encryption Standard (AES) 256-bit algorithm.
The following topics are covered in this article:
- Differences between enabling and disabling Enhanced Chat Encryption
- Restrictions after enabling Enhanced Chat Encryption
- Enable Enhanced Chat Encryption
- Use of encrypted chat
- Troubleshooting errors decrypting messages
- Zoom desktop client
  - Windows: 4.1.8826.0925 or higher
  - macOS: 4.1.8826.0925 or higher
- Mobile Zoom app
  - Android: 4.1.8855.0925 or higher
  - iOS: 4.1.8855.0925 or higher
Differences between enabling and disabling Enhanced Chat Encryption
When Enhanced Chat Encryption is enabled, the following happens:
- Data at rest: Chat content is encrypted with keys that are generated and operated on the participants' devices.
- Data in transit: TLS is used to encrypt chat messages during transmission.
When Enhanced Chat Encryption is disabled, the following happens:
- Data at rest: AWS Key Management Service (AWS KMS) is used to encrypt chat content on our AWS server with keys generated and managed by our team.
- Data in transit: TLS is used to encrypt chat messages during transmission.
Restrictions after enabling Enhanced Chat Encryption
Once Enhanced Chat Encryption has been enabled, the following chat features are no longer available to users and admins:
- Sending animated GIFs via email
- Viewing files/images in the pane on the right (opened by clicking the info icon)
- Editing sent messages
- Previewing the sent message in chat notifications
- Bookmarking chat messages to follow them
- Searching your chat history
- Seeing link previews for chat messages that contain URLs
Note: Link previews are disabled by default, but admins have the option to enable them.
- Viewing the text of sent messages in the chat history
Note: Administrators can still see:
- Metadata associated with the message, e.g. the name of the file, its size, and the date and time it was sent.
- Comment on the sent messages
- External messages will be received on an external account that has Enhanced Chat Encryption disabled
Note: On Windows, macOS, Android and iOS, link previews and chat history searches are supported if you are using version 5.8.0 or higher.
Enable Enhanced Chat Encryption
Note: For Zoom accounts created after August 21, 2021, or accounts with the “New Admin Experience” enabled, IM groups have been merged with groups. Learn how to create groups and change your group settings.
To enable all members of your organization to use Enhanced Chat Encryption, please do the following:
- Sign in to the Zoom web portal by entering your email address and password.
- In the navigation pane, click Account Management, then IM Management.
- Select the IM Settings tab on the left side of the screen.
- Check the Enable Enhanced Chat Encryption box.
If the setting is disabled, click the switch to the left of the setting to enable it. A confirmation dialog box will appear; select Activate to confirm the change.
- With Enhanced Chat Encryption enabled, select the Enable link previews check box to enable link previews.
If this option is activated, link previews are shown to the sender and recipient when a chat message contains a link. When the sender sends the message, the local application detects the URL in the message and shares the preview with the recipient before encrypting the message. Note that this function only recognizes URLs that match http:// or https:// followed by a non-whitespace character. This feature is disabled by default.
Use of encrypted chat
When Enhanced Chat Encryption is enabled, a lock icon appears on chats in the Zoom desktop client and mobile app. This icon indicates that the chat is encrypted.
The encrypted chat can be viewed only after the user opens Zoom. When an encrypted chat is received, a notification appears on the lock screen as well as in the notification panel.
Troubleshooting errors decrypting messages
There may be times when a message sent using Advanced Chat Encryption cannot be decrypted and viewed. This tends to occur because the users are not online at the same time, so the key required to decrypt the message cannot be shared between them. The key is shared automatically, and the message is decrypted, once both users are online.
If the user deletes their chat messages or uninstalls the Zoom client before the message(s) are decrypted and viewed, the key used to encrypt the message(s) is lost and cannot be recovered. Since the key is no longer present on any device, it is no longer possible to decrypt the sent message.
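The two failure modes described above can be reproduced with a small model. This is an added example, not Zoom's code or protocol: the `Device` class, the use of AES-256-GCM, one key per message, and a direct device-to-device key handoff are all assumptions made for illustration.

```javascript
// Simplified model (not Zoom's protocol): AES-256-GCM and one key per message
// are assumptions. A key exists only on devices that have received it.
const nodeCrypto = require('node:crypto');
class Device {
  constructor() {
    this.online = false;
    this.keys = new Map(); // keyId -> 32-byte key held on this device only
  }
  encrypt(plaintext) {
    const keyId = nodeCrypto.randomUUID();
    const key = nodeCrypto.randomBytes(32);
    const iv = nodeCrypto.randomBytes(12);
    const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
    const body = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
    this.keys.set(keyId, key);
    return { keyId, iv, body, tag: c.getAuthTag() };
  }
  // Handoff needs both devices online and the sender still holding the key.
  shareKey(keyId, peer) {
    if (!this.online || !peer.online || !this.keys.has(keyId)) return false;
    peer.keys.set(keyId, this.keys.get(keyId));
    return true;
  }
  decrypt(msg) {
    const key = this.keys.get(msg.keyId);
    if (!key) return null; // ciphertext arrived, key not (yet) available
    const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, msg.iv);
    d.setAuthTag(msg.tag);
    return Buffer.concat([d.update(msg.body), d.final()]).toString('utf8');
  }
  uninstall() { this.keys.clear(); this.online = false; }
}
function demo() {
  const sender = new Device(), recipient = new Device();
  sender.online = true; // recipient is still offline
  const m1 = sender.encrypt('constructed sample message 1');
  const pending = recipient.decrypt(m1); // no key on the recipient yet
  recipient.online = true;
  sender.shareKey(m1.keyId, recipient); // both online: key is handed over
  const recovered = recipient.decrypt(m1);
  recipient.online = false;
  const m2 = sender.encrypt('constructed sample message 2');
  sender.uninstall(); // the only copy of m2's key is destroyed
  recipient.online = true;
  const shared = sender.shareKey(m2.keyId, recipient);
  return { pending, recovered, shared, lost: recipient.decrypt(m2) };
}
console.log(demo());
```

In the model, the first message becomes readable as soon as both devices are online, while the second stays undecryptable because no device holds its key any more.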