Following its unprecedented rise to popularity during the coronavirus pandemic, Zoom quickly found itself under scrutiny from privacy and security experts for not offering end-to-end encryption, among other issues. The company reacted by promising to add the security feature, but for paid users only. After some press backlash regarding that decision, Zoom has now announced that it will bring end-to-end encryption (E2EE) to everyone.
Zoom sees itself caught in a balancing act between keeping its service safe from so-called Zoombombing and providing a secure service for its users, so the company has decided to make E2EE an optional feature. To activate it for the first time, you'll have to verify your identity via a text message or other means in order to keep spam accounts from using E2EE. The business also used the announcement to reiterate that all of its conversations are protected by AES 256 GCM transport encryption.
Zoom has uploaded its updated E2EE design to GitHub to make it transparently available to security researchers. The company plans to start an "early beta of the E2EE feature in July 2020," so you'll have to wait a bit until you can get your hands on it.