Security Standards

The following sections outline Zoom’s security standards for the web, real-time media, and supported integrations.

Web

All user connections to the Zoom website use TLS 1.2 or 1.3 encryption, and PKI certificates issued by a trusted commercial certificate authority. The strength of encryption and specific ciphers used for connections to the website depend on the browser used to access the site and the results of the common encryption method negotiated.

Real-Time Media

Zoom Contact Center real-time media (audio, video, and screen sharing) is protected with 256-bit AES-GCM encryption between supported Zoom clients and within Zoom’s data centers. Any calls that traverse the PSTN are subject to the underlying carrier’s discretion and may not be encrypted.

Integrations

All third-party integrations with Zoom Contact Center must support TLS 1.2 or 1.3 encryption.