Zoom is a video-communications platform that has seen exponential growth as a result of COVID-19 related lockdowns. The company recently acquired Keybase, a privacy and encryption focussed messaging application. The financial details and terms of the acquisition have not been made public.
Keybase was founded in 2014 by Max Krohn and Chris Coyne, who were previously co-founders of OKCupid, an online dating website. Following a successful exit to Match Group in 2011, Krohn and Coyne left the company in 2013 to pursue a new opportunity.
The pair decided to use their application design skills and security knowledge to build a public-key encryption solution. Keybase is a key directory that maps social media identities to encryption keys in a publicly auditable manner. The package includes end-to-end encrypted chat via Kebase Chat, and a cloud storage system called Keybase Filesystem.
In July 2015, they announced that they had raised US$10.8M in a round led by Andreessen Horowitz. Participants in the round included Corazon Capital, other co-founders of OKCupid, the founder & CEO of Chain.com, Adam Ludwin, and the co-founder of Reddit, Alexis Ohanian.
Chris Dixon, who is currently a General Partner of a16z crypto, led the investment. Dixon stated that the uniqueness of the Keybase approach is that you don’t have to trust them. “The code is open source. The database is open. You just have to trust the cryptographic algorithms they use. Security experts can analyze [everything]. It will be public and be vetted by the security community,” he said.
In 2018, Keybase received an undisclosed amount of funding from Stellar, via the Stellar Development Foundation’s partnership grant program. The Foundation’s financial contribution to Keybase was stated to be a mix of USD and also Stellar (XLM).
The subsequent Keybase acquisition comes at a time where Zoom has been criticized for privacy and security issues and is part of Zoom’s 90-day Security Plan. Privacy issues have included “Zoombombing”, which is when an uninvited person joins a Zoom meeting. This occurs when an uninvited individual finds the Zoom meeting link and joins an in-progress meeting.
Other privacy and security issues that have been reported include data sharing with Facebook, claiming calls were encrypted when they were not, and a revelation that over 500,000 Zoom accounts are being sold on the dark web.
The 90-day Security Plan was announced by CEO Eric Yuan on the 1st of April to address these issues. In a blog post, Yuan outlined the massive influx of users to the platform as a result of COVID-19 related remote working and apologized to users for falling “short of the community’s – and our own – privacy and security expectations.”
The acquisition, which is also Zooms first-ever acquisition, has quickly added a team of security-focused developers to the platform and Krohn will now lead Zoom’s security engineering team. Zoom has been racing to build end-to-end encryption for Zoom’s videoconferences “that can reach current Zoom scalability,” and according to Yuan, “Keybase’s experienced team will be a critical part of this mission.”
In Keybase’s blog post detailing the acquisition, the team states, “There are no specific plans for the Keybase app yet. Ultimately Keybase’s future is in Zoom’s hands, and we’ll see where that takes us. Of course, if anything changes about Keybase’s availability, our users will get plenty of notice.”
In a blog post, Yuan states that Zoom is planning to only make the end-to-end encryption feature available to paying customers. This is an interesting way to not only amp up the privacy and security Zoom offers, but also increase the company’s bottom line by incentivizing free users to sign up for the paid service.
Zoom said it will publish a detailed draft cryptographic design on May 22, then seek feedback from cryptographic experts, customers and other stakeholders.
Zoom is not the first of large tech companies that have made acquisitions in the crypto and blockchain space over the past few years. In April it was revealed that the antivirus and security technology company acquired Tenta Browser in November 2019. The reveal came as Avast released a new secure browser for Android, which is based on the Tenta code base.
In July 2019 it was announced that Workday, a provider of a SaaS enterprise solution for human resources and financial management activities, had acquired Trusted Key. Trusted Key was a startup built to help companies in finance, healthcare, and other industries identify their users securely without the need for passwords. For Workday, the acquisition is part of a plat to move work credentials — such as licenses, certifications and degrees — onto the blockchain.
Brex, the corporate credit card unicorn, has made two acquisitions in the space. First was the acquisition of Elph Network, a decentralized network of scalable Plasma sidechains that achieve high transaction throughput on top of Ethereum, in March 2019. Second, was the acquisition of Neji, a company that is simplifying the business adoption of distributed ledger technology, in March 2020.
Airbnb is also known to have acquired a crypto startup. In April 2016 it was reported that Airbnb “acqui-hired” the team behind ChangeCoin, a startup that built a bitcoin-based micropayments service.