2. Back and Sec
Zoom offers a comprehensive communications platform consisting of a variety of products, including Zoom Team Chat, Zoom Phone, Zoom Mail Service, Zoom Whiteboard, and Zoom Meetings.
For users of these products, Zoom provides software for desktop and mobile operating systems and embeds software in Zoom Room devices. In this document, when we refer to “Zoom clients” or simply “clients,” we include all these various forms of packaging. Crucially, these are systems to which we can deploy cryptographic software. In contrast, some Zoom products can also be accessed through other systems which are unable to support custom cryptographic protocols, or cannot offer the same level of security when doing so. For example, users can join a meeting by dialing in from a landline phone (with no cryptography support), or from their web browsers (which can perform cryptography, but make it easy for the server to surreptitiously provide tampered cryptographic code).
Our goal is to provide the best security protections across all of these devices, mindful of the constraints that each environment poses, and without compromising the easy and seamless experience that our customers expect. When analyzing the security of our products, we consider a wide range of potential adversaries, namely:
Outsiders: Individuals who are not authorized to access specific information or data streams (such as everyone who is not mentioned as a sender or recipient in a given email thread, or everyone except the participants of a specific meeting), and do not have access to non-public information related to it (e.g., user passwords, meeting passwords, IDS, SSO systems). These attackers may monitor, intercept, and modify network traffic, but do not have privileged access to Zoom’s infrastructure.
Participants: Zoom users who are authorized to participate in a specific communication or have been granted access to some information; for example, meeting participants who can access a meeting, because they know the meeting’s ID and password or exercise other qualifying credentials.
Insiders: Those who develop and maintain Zoom’s server infrastructure and its cloud providers, as well as attackers who have gained (even partial) access to this infrastructure.
Against these adversaries, colluding or working independently, we seek the following security goals:
Confidentiality: Only authorized participants should have access to the contents of end-to-end encrypted communications. If the Zoom product supports removing users from encrypted communication channels, then those users should no longer have access to those communications after they are removed.
Integrity: Those who are not authorized participants should have no ability to corrupt