key: cord-0551441-idj19hd3
authors: Li, Jinfeng; Guo, Xinyi
title: COVID-19 Contact-tracing Apps: a Survey on the Global Deployment and Challenges
date: 2020-05-07
journal: nan
DOI: nan
sha: d09f2ed39947b0e9a0eb5954146d8c0ed7324e55
doc_id: 551441
cord_uid: idj19hd3

To address the massive spike in uncertainties triggered by the coronavirus disease (COVID-19), an ever-increasing number of national governments are rolling out contact-tracing Apps to aid the containment of the virus. The first hugely contentious issue facing the Apps is the deployment framework, i.e. centralized or decentralized. Based on this, the debate branches out to the corresponding technologies that underpin these architectures, i.e. GPS, QR codes, and Bluetooth. This work conducts a pioneering review of the above scenarios and contributes a geolocation mapping of the current deployment. The Apps' vulnerabilities and the directions of research are identified, with a special focus on the Bluetooth-inspired decentralized paradigm.

In the recent few months, contact-tracing Apps have emerged and pushed the boundary of innovations in response to the outbreak of the coronavirus (COVID-19) [1]. A contact-tracing App [2] is a mobile platform that assists the identification of people who may have come into contact with an infected person, and the subsequent collection of further information about these contacts to contain the spread of the virus. There is an ongoing debate on the deployment of the Apps regarding their technology framework, i.e. centralised [3, 4] versus decentralised [5, 6], and their corresponding sensor technologies, i.e. the Global Positioning System (GPS) integrated with Quick Response (QR) code scanning [7, 8] and big data analysis [9, 10], versus the wireless Bluetooth devices [11] enabled by microwave [12, 13] and millimetre-wave [14] [15] [16] [17] communications.
In the centralised architecture, personal data collected through the App is controlled by a government authority. These Apps mainly follow the PEPP-PT (Pan-European Privacy-Preserving Proximity Tracing) [18] protocol, but the consensus amongst the technical community is that this framework is too academic for practical development. In the decentralized approach, personal data is held and controlled by individuals only, on their personal devices. These Apps follow the DP-3T (Decentralised Privacy-Preserving Proximity Tracing) [19] data protection solution recently developed by European academics. However, this framework is only partially decentralised, i.e. there is an anonymous centralised database for only the infected people. Google and Apple in partnership [20] will launch an exclusive decentralised framework in May which will be more compatible with the Android and iOS systems.

Regarding the technologies and infrastructures that underpin the two architectures, GPS is based on crowd mapping for tracking the spread of COVID-19, while the QR code scanning approach is combined with physical temperature testing equipment or thermal imaging cameras to track the movement of healthy or infected individuals on public transport. The Bluetooth method detects other devices that remain within a certain range of distance for a certain amount of time, and notifies the devices which have had sufficient contact with the infected individual's device, assuming that infected individuals report their anonymous infection states to the App. Researchers from Oxford [21] recently modelled and proposed a threshold on the active user rates (at least 60%) for the App to fully deliver its valuable insights for the government to contain the virus. There is arguably a growing trend globally, and especially in Europe, that the decentralised architecture would be preferable.
Keeping personal data safe and secure is one of the greatest challenges posed by the rapid development of today's health informatics. The up-to-date regulations and frameworks are detailed in the sections below, including the General Data Protection Regulation (GDPR) [22, 23], as well as the key competing architectures that have been mentioned in section 1.

[26] released on 1 April 2020, which was followed by the German and Italian governments, and was involved with the development of the UK government's NHSX App (centralised).

5. Decentralized Privacy-Preserving Proximity Tracing (DP-PPT)/(DP-3T) [27], released on 6 April 2020 - no pooled data is collected, which largely mitigates the privacy risk. Non-infected individuals' data are kept decentralised, and the infected individuals' information will be collected anonymously into a central database.

6. Apple and Google partner on COVID-19 contact tracing technology framework [20] (yet to be released in May) - privacy-preserving contact tracing, Bluetooth based, decentralised, free of GPS. Apple and Google tech is currently trading (integrating) with some of the governments' self-running Apps.

7. Government-run contact tracing technology [28] frameworks that are not going to deploy Apple & Google's framework, e.g. the UK, France, and several US states.

We produce the first geolocation mapping for the global deployment of the COVID-19 contact-tracing apps in Fig. 1, with the format codes in the order of the country name, App name, the number of users (download times), and the underpinning technologies (GPS, QR codes, Bluetooth). The color of the country represents the employed framework, i.e. red denotes the centralised architecture, while green represents the decentralised one (or a migration to the decentralised framework, e.g. Austria, Switzerland, Estonia, Finland, Germany, Alberta of Canada, and Vietnam).
Following a software vulnerability-mapping analysis paradigm [24], the flaws of 10 contact-tracing Apps are analysed and summarised below. For instance, one of the key non-technical but important questions for the UK NHS COVID-19 tracking App is the false positives (i.e. what if people without concern for COVID-19 maliciously report a positive using the App) and the false negatives (i.e. what if infected people do not report their cases in the App).

(1) The Health Code on Alipay and WeChat (QR code and big data based, centralised) used in China has achieved 63% population coverage and 100% coverage of travelers. However, it introduces a significant cost for the temperature testing equipment. Many staff are involved in checking house by house and helping people without using the digital App.

is applied to only self-quarantined people staying at home, and hence not a rigorous contact-tracing App. It is susceptible to the risk if people take off the wristband and phone together and go out.

As observed from Fig. 1 and the flaws analysis, Bluetooth (either in a centralised or decentralised framework) has accounted for 57% of all the tracking technologies, as compared with GPS (43%), which merits a further analysis of both the technical and geopolitical characteristics.

Firstly, there is a trade-off between data privacy and insights. Arguably, the decentralised, no-GPS solution provides the highest level of data protection for individuals, as no personal data is collected unless the individual is infected. Without GPS tracking, Apps cannot collect and trace the movement of the population geographically. With a decentralised framework, however, any data collected from individuals cannot be fed into a centralised database for future analysis, i.e. less information will be provided to the government for controlling self-quarantine and the movement of the disease among the population.
Secondly, existing decentralised tracing Apps such as Austria's Stopp Corona issue a static unique digital ID to each user with rolling public and private keys (keeping the message encrypted and increasing the data protection standard). If the digital ID is unique and static, it runs the risk that a certain digital ID could be hacked and paired with a mobile device, thus compromising individual privacy. A rolling digital ID would therefore be a better practice for mitigating this vulnerability. In practice, this would be relatively easy to tailor and optimise compared with other related challenges.

Furthermore, different mobile devices exhibit a variety of Bluetooth signal intensities in the ISM band, i.e. the capability of each mobile device to determine the social distance precisely can vary. Accordingly, it is of research and development interest how this can be manipulated (converted) in a unified framework that regulates different generations of devices to communicate and share data with each other. Other factors, such as multipath interference and spatial blockage between devices, are also urgent yet promising research areas that could tip the balance on the functional performance and fault tolerance of Bluetooth based contact tracking. Coupled with the technical hurdles, the risk-level evaluation standard based on the distance and time of contact should be updated accordingly.

This work reviews the state-of-the-art contact-tracing Apps for COVID-19. A systematic mapping of the global deployment architectures and technologies is proposed, with a detailed analysis of the flaws for each scenario presented. Specifically, the key challenges facing the Bluetooth based solutions are identified to assist the health informatics decision-making concerning the UK's current status in COVID-19 (see Appendix A for an exponential fitting performed to model the cumulative cases up to date).
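The rolling-ID mitigation and the on-device matching of the decentralised Bluetooth approach discussed above, as an added sketch that is not code from this paper or from any App or protocol it surveys. The HMAC-SHA256 derivation, the 15-minute epoch, the hash ratchet, the sample keys and all function names are assumptions chosen for illustration.

```python
from __future__ import annotations
import hashlib
import hmac

EPOCHS_PER_DAY = 96  # assumption: a fresh ID every 15 minutes

def static_id(device_secret: bytes) -> bytes:
    """Weak design: one fixed 16-byte ID broadcast in every epoch."""
    return hashlib.sha256(b"static" + device_secret).digest()[:16]

def next_day_key(day_key: bytes) -> bytes:
    """One-way ratchet, so a published key reveals nothing about earlier days."""
    return hashlib.sha256(b"ratchet" + day_key).digest()

def rolling_ids(day_key: bytes, epochs: int = EPOCHS_PER_DAY) -> list[bytes]:
    """One 16-byte ephemeral ID per epoch, derived from the secret day key."""
    return [hmac.new(day_key, b"ephid" + i.to_bytes(2, "big"),
                     hashlib.sha256).digest()[:16] for i in range(epochs)]

def largest_linkable_group(observed: list[bytes]) -> int:
    """Passive listener's view: how many sightings share one identifier."""
    return max(observed.count(x) for x in set(observed))

def exposed_epochs(heard: set[bytes], published_keys: list[bytes]) -> int:
    """On-device matching against day keys uploaded by infected users."""
    return sum(1 for key in published_keys
               for eph in rolling_ids(key) if eph in heard)

def demo() -> dict:
    # Constructed sample keys; a real device would use os.urandom(32).
    alice, carol = b"A" * 32, b"C" * 32
    alice_ids, carol_ids = rolling_ids(alice), rolling_ids(carol)
    # A listener records five consecutive epochs of Alice's broadcasts.
    static_view = [static_id(alice)] * 5
    rolling_view = alice_ids[10:15]
    # Bob's phone stored what it heard: Alice for 3 epochs, Carol for 1.
    bob_heard = set(alice_ids[10:13]) | {carol_ids[40]}
    return {
        "static_linkable": largest_linkable_group(static_view),
        "rolling_linkable": largest_linkable_group(rolling_view),
        "bob_exposure_if_alice_reports": exposed_epochs(bob_heard, [alice]),
        "bob_exposure_if_nobody_reports": exposed_epochs(bob_heard, []),
        "next_day_overlap": len(set(alice_ids) & set(rolling_ids(next_day_key(alice)))),
    }

if __name__ == "__main__":
    print(demo())
```

With a static ID all five sightings collapse onto one identifier, whereas the rolling IDs look unrelated to anyone who lacks the day key; Bob's phone only learns of the contact once Alice's key is published.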
Available online: https://www.research.ox.ac.uk/Article/2020-04-16-digital-contact-tracing-can-slow-or-even-stop-coronavirus-transmission-and-ease-us-out-of-lockdown (accessed on 6 May 2020).

22. General Data Protection Regulation (GDPR). Available online: https://gdpr-info.eu/ (accessed on 6 May 2020).

23. European Commission. Coronavirus: Guidance to ensure full data protection standards of apps fighting the pandemic. Available online: https://ec.europa.eu/commission/presscorner/detail/en/ip_20_669 (accessed on 6 May 2020).

Rolling updates on coronavirus disease (COVID-19)

NHS contact tracing app: how does it work and when can you download it? The Telegraph

The UK's coronavirus contacts-tracing app explained

NHSX differs with Apple and Google over contact-tracing app

Without Apple and Google, the UK's contact-tracing app is in trouble

Google ban use of location tracking in contact tracing apps

Mobile applications to support contact tracing in the EU's fight against COVID-19

Guidelines 04/2020 on the use of location data and contact tracing tools in the context of the COVID-19 outbreak

The coronavirus contact tracing privacy debate kicks up another gear

EU privacy experts push a decentralized approach to COVID-19 contacts tracing

Governments have to decide whether to scrap their own COVID-19 contact tracing apps in favor of tech built by Apple and Google. Here's what's at stake

Vulnerabilities Mapping based on OWASP-SANS: A Survey for Static Application Security Testing (SAST)