Does the Zoom Chat Encryption Feature Sound Like ‘Security Is Not Free’?

Out of the numerous platforms available, Zoom is blazing the trail in terms of popularity and usage. Board meetings, classes, events, etc. are now held on Zoom. Parents, grandparents, co-workers, friends, and neighbors now use Zoom at rates higher than in previous years. Zoom sees an average of 300 million users on a daily basis. Revenues are also up. So far, Zoom has made about US$622.7 million. This is against the US$121.5 million in 2018.

This, however, attracted hackers who got hold of more than 500,000 account credentials (usernames and passwords). They were sold by the hackers for as low as a penny each, causing worry for users and bad publicity for the platform. The solution for the company was to create end-to-end encryption that will protect users from hackers, which would not be free or available to free accounts. As a form of compensation, Zoom announced stronger security for all its users, the Advanced Encryption Standard (AES).

The problem with this is that AES is an extremely simplistic form of encryption which bears a heavy weight on performance and security. It is nothing compared with E2E encryption, which empowers users with keys that reside solely on their devices. As such, the Zoom application might have difficulty operating as it should. This is aside from the fact that the encryption improvement made by the company is not available to free accounts.

This means a user must have a paid account before the encryption can be a feature. The free account allows up to 100 persons in a meeting that can go up to 40 minutes. Prices for the paid account range from $14.99 to $19.99 per month. There are little or no differences between these accounts.

From a business perspective, this may sound like a sound way to improve revenue, encourage users to take up paid accounts, and make other improvements to the company’s KPIs that I may fail to mention. Eric Yuan, founder of Zoom, stated that “free users for sure we don’t want to give that because we also want to work together with FBI, with local law enforcement in case some people use Zoom for a bad purpose”. This gives the impression that the operation of a free Zoom account implies that your activities and data on the platform can be given or “sold” to third parties. This is just one of the things wrong with this move. This is in addition to the fact that a free account can be hacked repeatedly and the personal data could get into the wrong hands. Before the hack, Zoom was found to have a lot of security and privacy issues. This is apart from the company’s unauthorized transference of user data to Facebook and other third parties.

The second is the issue of bearing the cost of a fault that is a result of the design process. The hackers were able to steal credentials using a number of methodologies that could have been identified if the platform’s security was as sophisticated as what is preached currently. Invariably, this sounds like Zoom is trying to profit from a problem that it inadvertently created in the first place.

What is the way forward?

Zoom needs to retrace its steps and make this end-to-end encryption available for all its users. This will not only provide some sort of egalitarian perspective but also insulate users from having their data and credentials hacked. This will knock out the AES, which is a weak and faulty way of protecting free accounts. The company must also refrain from selling or transferring user data to third parties, as it contravenes a number of privacy laws. Without incentivizing the encryption mechanisms, Zoom still has the capacity to increase its revenue through other unexplored but equally potent means.