Note: As our world comes together to slow the spread of COVID-19 pandemic, the Zoom Support Center has continued to operate 24x7 globally to support you. Please see the updated Support Guidelines during these unprecedented times.



Encryption for Zoom Phone Follow

Overview

Zoom supports secure voice calls across all supported SIP devices, desktop, and mobile clients. Zoom Phone supports standards-based encryption using SIP over TLS 1.2 Advanced Encryption Standard (AES) 256-bit algorithm for calls and during phone provisioning sessions. In addition, call media is transported and protected by SRTP with AES-256 bit algorithm for Zoom desktop and mobile clients, and with AES-128 or AES-256 bit algorithm for devices.

This article covers:

Zoom Phone desktop client and mobile app

On versions 5.0.0 and higher, Zoom Phone supports SIP signaling between client and/to server over TLS1.2 with AES-256 bit encryption. Media call is transported and protected by SRTP with AES-256 encryption. 

Zoom Phone devices

Zoom Phone supports standards-based encryption using SIP over TLS 1.2 Advanced Encryption Standard (AES) 256-bit algorithm for calls and during phone provisioning sessions. In addition, call media is transported and protected by SRTP with AES-128 algorithm for all devices. Zoom Phone admins can upgrade to AES-256 bit encryption for supported devices. Learn more about certified devices.

Upgrading to AES-256 bit encryption

Admins can upgrade specific models in a site to use AES-256 bit encryption.

  1. Sign in to the Zoom web portal.
  2. In the navigation menu, click Phone System Management then Company Info.
  3. If you have multiple sites, click the name of the site you want to edit.
  4. Click the Settings tab.
  5. In the Security section, click Add.
  6. Select a brand and model, then click Save.
  7. Repeat steps 5 and 6 to add more devices.

Downgrading to AES-128 bit encryption

If you previously upgraded to AES-256 bit encryption, you can downgrade to AES-128 bit.

  1. Sign in to the Zoom web portal.
  2. In the navigation menu, click Phone System Management then Company Info.
  3. If you have multiple sites, click the name of the site you want to edit.
  4. Click the Settings tab.
  5. In the Security section, click the ✖ icon to remove a model and downgrade it to AES-128 bit encryption.