Zoom Meeting Client version 5.6.6 has become the first video communications client to attain certification for Common Criteria Evaluation Assurance Level 2 (v3.1 rev. 5), issued by the German Federal Office for Information Security (BSI).
Common Criteria is an international standard for objectively evaluating that an IT product satisfies a defined set of security requirements. The evaluation involves analysing a specific set of security targets, including guidance documentation, architectural design, life cycle aspects, testing and vulnerability assessment.
The Zoom Meeting Client v5.6.6 has been evaluated by the BSI against the Common Criteria standard and found to exhibit a clear chain of evidence that the process of specification, implementation, and evaluation has been conducted in a rigorous and standard manner.
Common Criteria is an internationally recognized standard and an ISO standard (ISO/IEC 15408/18045) for evaluating the security claims of IT products. With a Common Criteria certification, the claims made about the security attributes of the evaluated product are independently verified.
This standard provides a clear chain of evidence proving the specification, implementation, and evaluation of a solution has been conducted in a rigorous and standard manner by an independent evaluation laboratory.
Mutually recognized in more than 25 countries including the UK, US, Canada, and Germany, Common Criteria is regarded as a leading benchmark for IT product security certification. A growing number of users expect IT vendors to produce trusted and reliable evidence for the cybersecurity capabilities of their products.
“This Common Criteria certification represents a major milestone for Zoom,” said Jason Lee, Chief Information Security Officer at Zoom.
“We’re the first video communications client to receive this important certification, reinforcing our commitment to our customers. Security and privacy are the cornerstones of everything we do, and we are continually innovating secure solutions for all users of our platform.”
At present, the BSI has certified Zoom version 5.6.6 for Windows, macOS, iOS, and Android. While version 5.6.6 was the version of Zoom client available at the time of the certification, we always recommend customers utilize the newest version of the client to take advantage of Zoom’s latest security updates and features.
“The Common Criteria certification is a global benchmark in cybersecurity,” said Sandro Amendola, Head of Standardization/Certification/Telecommunications Networks Security Department, BSI.
“The Zoom client demonstrated a high security standard across its product, successfully completing one of the most demanding evaluation procedures a company can undertake.”
