One proposal would restrict Java APIs to maintain the strong encapsulation that assures the integrity of code and data, while a second would introduce a Key Encapsulation Mechanism API.

Further, instead of using AES-256 encryption as Zoom claims, the report found the application was using an AES-128 key in electronic code book (ECB) mode.