After announcing that it would not offer end-to-end encryption (E2EE) to free users, Zoom backpedaled and said that everyone using the conferencing software would be able to use AES 256 GCM protection. (The caveat being that chats won’t be covered.) The company claimed that it was trying to balance security with the ability to hold accountable those who use the app for nefarious purposes. Zoom now says that it has “identified a path forward” that will accomplish that goal.

The company claims that it has taken feedback from civil liberties organizations, security experts and the government to form its new course of action. Zoom will require free users to undergo a one-time verification process to enable encryption. “All Zoom users will continue to use AES 256 GCM transport encryption as the default,” says the company, though whether or not different protocols will be available isn’t clear. E2EE does cause issues with some hardware, such as PSTN or SIP conference phones, so users will be able to turn encryption off as needed.