Last week, Corona Warn App was launched in Germany to help break the chain of corona virus infection faster. And in this post, I am going to try to explain the purpose and functionality of the app, as well as answer most frequently asked questions, such as its usage, impact on battery and most importantly, security.
Who has created this app?
- The Corona Warn App is a project commissioned by the federal government of Germany.
- Deutsche Telekom and SAP developed the application based on a decentralised software architecture.
- The Fraunhofer-Gesellschaft and the Helmholtz-Zentrum CISPA provided consultation.
- The Federal Office for Information Security and the Federal Commissioner for Data Protection and Freedom of Information were involved in order to ensure the necessary data protection and data security requirements were met.
- The Robert Koch Institute made technical contribution to the design of the app and, as the publisher, is also responsible for carefully checking the requirements for data protection and data security.
What does the app do?
In the simplest possible terms, the app helps determine whether you have come into contact with an infected person, and whether there is a risk of infection for you. It aims to help the government quickly break infection chains by notifying you if you have been around a person for a long time who was later found to be infected with the corona virus. This way, you can react quickly and do not run the risk of spreading the virus unconsciously.
Why is it important for you to download it?
The app documents the digital encounter of two smartphones (not just people you know or consciously met). This way, the app can inform you particularly quickly if you have had contact with a person who tested positive for Corona. The faster you get this information, the less risk that many people will become infected.
In doing so, you are actively helping to contain the pandemic. The faster Corona-positive people and their contact persons are informed, the less the virus can spread. So the app helps you to protect yourself, your family, your friends and your entire environment. Without this technical help, the employees of the health authorities would have to personally follow the case. This is very time-consuming and it is often not possible to find all the contacts: because who remembers every person you have met? The Corona Warn app solves these problems.
How does it work?
The Corona Warn app uses bluetooth technology to measure the distance and duration of encounters between people who have installed the app. The smartphones “remember” encounters when the criteria defined by the RKI regarding distance and time are met. Each device randomly generates a new ID every few minutes. The distance between two smartphones on which the app is installed can be determined based on the signal strength. Then the devices exchange random codes with each other, which are saved locally.
If a Covid 19 infection is detected, the user releases his data by scanning a QR code that he has received from the doctor or by telephone TAN procedure. Then all IDs that the app has generated and sent within the last few days are sent to a central server. There they can be downloaded by all other app users. The comparison of the data stored on the server with the external IDs stored locally on the smartphones makes it possible to determine whether the user has had contact with a Covid 19 patient within a certain period of time.
If a contact has been established in this way, an individual risk score is determined based on the duration and distance profile according to statistical calculation rules. The respective user of the app receives a notification about the contact and information on how to proceed.
Can anyone download it?
Downloading this free app is recommended and voluntary. The app only runs on iPhones from iOS 13.5 (from iPhone 6s) and smartphones from Android 6. These are usually smartphones that are not older than four years.
Reports on the Corona Warn App (from a scientific study from Oxford) repeatedly state that the full effect is only achieved when 60 percent of the population or more participate. But the researchers also say that the number of infections and deaths decreases even if the application rate is lower.
Is it safe to download? Does the app share your data with a third party (like your employer)?
The official auditors found no signs that the sensitive data of the users could be tapped. “This is not the case. Users do not have to be afraid of surveillance,” Dirk Kretzschmar, managing director of TÜV Informationstechnik / TÜVit) summarizes his assessment. About 100,000 euros were spent on hackers alone, to test vulnerabilities, loopholes and back doors in the app.
What does this mean for users? It confirms that the Corona warn app itself does not access your location information. This is confirmed as the program code is publicly viewable and checked by independent experts. In addition, the location for contact tracing is completely irrelevant. The only thing that is recorded is that two devices have come close for a certain time and were able to exchange Bluetooth signals. Who is behind it or where the encounter took place does not matter. The app users remain anonymous.
The keys are also regenerated every 10 – 20 minutes to avoid traceability to a person. The app does not collect any data that enables the RKI or other users to infer the identity, health status or location of the user. In addition, the app does not use tracking tools to record or analyse usage behaviour. In addition, the program code of the app is open source, i.e. publicly viewable.
The developers SAP and Telekom and the federal government as the client have repeatedly emphasised in the past few weeks that the app is completely voluntary. It can also be deactivated or uninstalled at any time. Even employers must not make the app a condition for their employees to be allowed to work.
Where can I download the official app?
The Coronavirus Warn App has its own homepage (www.coronawarn.app), which also provides links to download the versions for iOS (iPhone) and Android. There is only one official Corona-Warn-App per country.
Does the app slow down Internet access from your cell phone?
No, the mobile phone is just as fast as usual. In the MDR JUMP test, the Corona warn app consumed only 40 kilobytes of data in two days. Also, as has been agreed by all mobile phone companies, the data for the Corona Warn app are not counted towards the monthly data volume or not counted separately in tariffs without data volume.
What about the impact on battery?
The developers say that the app doesn’t draw much power and uses only a tiny fraction of the battery capacity as the app doesn’t transmit constantly, but only every two and a half to five minutes.
While the app is a great initiative to curb the pandemic in Germany, it can only help to identify chains of infection more quickly and not directly protect you from the infection. To continue protecting ourself, we need both the app as well as previously defined SOPs – masks, social distancing, and so on!