Zoom acquires encryption startup in coronavirus security push

Keybase acquisition part of video-conferencing company's 90-day plan to improve security

Get all the latest news on coronavirus and more delivered daily to your inbox. Sign up here.

Continue Reading Below

Zoom has purchased encryption startup Keybase in its first-ever acquisition, Zoom founder Eric Yuan announced Thursday.

The acquisition of Keybase, secure messaging and file-sharing, adds cryptographic expertise to Zoom's staff as it deals with the fallout of security breaches discovered as, company's schools and families started to use the video conferencing software as they sheltered in place to slow the spread of the new coronavirus.

Initially, our single top priority is helping to make Zoom even more secure," Keybase wrote in a blog post. "So, our shortest-term directive is to significantly improve our security effectiveness, by working on a product that's that much bigger than Keybase. We can't be more specific than that, because we're just diving in."

Zoom has a 90-day plan to strengthen the video conferencing app's privacy and security after it came under the scrutiny of state and federal lawmakers. Lawmakers accused the company of not anticipating the risks, such as "zoombombing,"  that could come with a huge surge of users amid the coronavirus pandemic.

TickerSecurityLastChangeChange %
ZMZOOM VIDEO COMMUNICATIONS INC.511.52-9.02-1.73%

ZOOM SHARES DIP AMID CORONAVIRUS, SECURITY CONCERNS, COMPETITION

"Since its launch in 2014, Keybase’s team of exceptional engineers has built a secure messaging and file-sharing service leveraging their deep encryption and security expertise," Yuan said in a statement. "We are excited to integrate Keybase’s team into the Zoom family to help us build end-to-end encryption that can reach current Zoom scalability."

Eric Yuan speaks onstage during the Dropbox Work In Progress Conference at Pier 48 on September 25, 2019 in San Francisco, California. (Photo by Matt Winkelmeyer/Getty Images for Dropbox)

An April 3 study by the University of Toronto's Citizen Lab found that Zoom could possibly have "the ability to monitor encrypted calls because they have access to the encryption keys."

ZOOM CEO: CORONAVIRUS SECURITY CONCERNS SHOWED 'I REALLY MESSED UP'

The finding related back to Zoom's previous claim that it offered end-to-end encryption — a type of technology that prevents developers and other third parties like hackers or law enforcement from accessing private communication between two parties on a platform. Apps such as Facebook Messenger and WhatsApp offer this feature.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

Zoom claimed that its servers were endpoints, suggesting that only users have access to their private conversations, but the study shows that the app's servers were not endpoints but instead acted as intermediaries, meaning Zoom had access to those conversations.

In this April 2, 2020, frame from a Zoom video, the Rev. Laura Everett in Boston delivers a sermon for Boston’s First Baptist Church. (The Rev. Laura E. Everett via AP)

Yuan said his company was working to upgrade its encryption design.

"Due to the unique needs of our platform, our goal is to utilize encryption best practices to provide maximum security, while also covering the large range of use cases that we support," he said at the time. "We are working with outside experts and will also solicit feedback from our community to ensure it is optimized for our platform."

CLICK HERE TO READ MORE ON FOX BUSINESS