Tech

COVIDsafe app is flawed: While Privacy & Security are tight, functionality needs to improve

The Government launched its COVIDsafe contact tracing app after some weeks of speculation and amid suspicion from the wider community over privacy and security fears. However, the focus really should be on how effective the app will be.

Your privacy is guaranteed by the simplicity of the apps functions, as well as the regulations, guidelines and pending legislation from the Government relating to its use.

Problematically though, one of the core functions of the app isn’t able to do what it’s intended to do – but it can be fixed.

Bluetooth is the key to this whole system of electronic contact tracing. Your phone “sees” my phone because it’s shouting out a Bluetooth signal, and vice versa. Each keeps a record of that shoutout to assist Health officials finding the people you may have infected if, in fact, you test positive to COVID-19.

However, if you’re not looking at the app – will it work?

On an Android device – yes. You open the app, then you open a different app – COVIDsafe keeps going, keeps sending out those Bluetooth signals.

On an Apple iPhone – not so much. When you open the app and see the “Active” screen – your phone is shouting at its loudest Bluetooth voice. And regularly.

However, when you press home or swipe up and go to the home screen, and when you open another app – is it still doing that?

This was the much reported issue with the “Singapore version” of this app, from which our COVIDsafe app was derived.

The Chief Information Officer of the Department of Health, responsible for coordinating the development of the app say they’ve overcome those issues.

We’re not so sure.

The Minister, and Health Department officials have been questioned on this, and all they can say is that the app works most effectively when open, and that the more apps you open the less effective it gets, particularly if those apps also use Bluetooth.

However, EFTM does not believe it’s possible the App developers overcame what is a widely known restriction of Apple’s iOS operating system preventing background use of Bluetooth.

This video from one researcher testing the app using another device as a “Bluetooth Scanner” seems to indicate this:

I attempted to replicate this test, and got the same result.

Assuming that as noted by the Health Department, the app “pings” ever minute to establish connections, I kept it open for an extended period. Over six minutes, I saw no “pings”.

That the app broadcasts different information when open to what it does when in the background does not mean the app isn’t working at all, it simply raises more questions about the effectiveness of the app.

A Solution is coming.

The good news is, the App has been installed by millions of people, and in a few weeks, there could be a solution which requires nothing more than for them to keep their system software and apps up to date.

As reported here, Google and Apple are working on similar functionality. They call this Exposure Notification. Initially, this will come by way of a programming API (A bit of code developers use to access core functions of a device), which will allow background usage.

This is not a new API for all apps, it will be made available for official Government health apps like our own COVIDsafe.

That alone should solve the problem. Quickly, and simply.

After that, the Google and Apple solution will roll out to all Google and Apple smartphones as an opt-in functionality, even if they don’t have the app installed – allowing Exposure Notifications at the Operating System level.

We’re a long way from knowing fully how that will work, likewise, we don’t yet know how hard it will be for the developers of COVIDsafe to integrate the planned Google and Apple API.

EFTM reached out to the Government for comment on these issues, and the Google and Apple functionality.

A spokesperson told EFTM “Apple and Google have not released any capability at this stage. We will evaluate the new capabilities when they become available.”

On Background App usage, they said “The app can run in background.”

Unfortunately, this doesn’t answer our direct question which was “On an iPhone where the app was opened at the start of the day, and not again, how many “pings” are possible or likely during a 30 minute period, when compared to an iPhone with the app open in the foreground“.

How to use the app until the Google and Apple Exposure Notification is integrated

All these questions, and issues, should not prevent anyone from downloading the app. The app has widespread benefits, and will play a huge role in how we get back to normal.

If you’re using an Android device – go forth.

If you’re using an iPhone – think of this as a portable scanner, until we know these issues are sorted, when you are in a location with people, perhaps in meetings, or at the shops, open your phone, open the app, then turn the phone upside down. Put it in the child seat of the Trolly at woolies if you need to.

The phone has it’s own “power saving” mode where the screen goes black and says “COVIDsafe” – this is it working hard.

So place the phone face down with the app running in circumstances where you think you’ll be exposed, or could expose others – while of course adhering to social distancing guidelines.

Hopefully the API integration from Google and Apple can happen rapidly given the excellent take up of the App here in Australia, but it relies on the Health Department going cap in hand and seeking out that help from Apple – they can’t assume they’ve done it alone, it simply isn’t possible.

Web: CovidSafe.gov.au

App Download: iOS (Apple) & Android

COVIDsafe app is flawed: While Privacy & Security are tight, functionality needs to improve
To Top

Join the EFTM Man Cave

Join the EFTM Man Cave for exclusive giveaways!

Welcome! (almost) - Please check your inbox or spam folder to confirm your subscription.