The short name or acronym of the project

COVIDSafe

The release version of the software application. If there is no official version number, use 20YY-MM-DD-unstable
1.0.18

Main organisation(s) behind the technology

Australian Government

The web address of the source code of the project
https://github.com/AU-COVIDSafe

Are all components of the project publicly available under an OSI Approved Licence?
No

https://github.com/AU-COVIDSafe/mobile-android/blob/master/LICENSE.md

Pointers to other sources of information, e.g. whitepapers, architectural designs

https://www.covidsafe.gov.au/

Official description of the data flow and the overall architecture

Users can voluntarily download the app from the Apple App Store or Google Play. The user registers to use the app by entering a name, age range, mobile number and postcode and will receive a confirmation SMS text message to complete the installation of the app. On the basis of this information, an encrypted reference code is generated for the app on that phone.

COVIDSafe uses Bluetooth® to look for other devices that have the app installed. It takes a note of a contact when it occurs, by securely logging the other user’s encrypted reference code. The date, time and proximity of the contact are generated on the user’s phone, and the phone model is also noted. This information is then securely encrypted and stored on the phone. Your location is not recorded.

The app uses a rolling 21-day window to allow for the maximum 14-day incubation period of the coronavirus, and the time taken to confirm a positive test result. The rolling 21-day window allows the app to continuously note only those user contacts that occur during the coronavirus incubation window. Contacts that occurred outside of the 21-day window are automatically deleted from the user’s phone.

The encrypted close contact information on your phone is not accessible by anyone, including you. If you are diagnosed with the virus, you will be asked to consent to upload your close contact information to a highly secure information storage system. The uploaded information enables state or territory health officials to contact the user and close contacts to provide advice on actions they should take to manage their health.

This cycle continues if a user of the app who was a close contact subsequently tests positive.
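The description above amounts to a small on-device protocol: an opaque reference code is logged per Bluetooth contact together with time, proximity and phone model, contacts older than a rolling 21-day window are deleted locally, and nothing leaves the phone until the diagnosed user consents. The following model is an added example written for this page, not COVIDSafe's own code (the page only links the repository); the record fields, the RSSI-as-proximity field, the export format and the sample contacts are assumptions made for illustration.

```python
"""Model of an on-device proximity log with a rolling 21-day retention window.

Illustrative only: field names, the export format and the sample contacts are
assumptions made for this example, not COVIDSafe's implementation.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List

# 14-day incubation period plus time to confirm a positive test result.
RETENTION_WINDOW = timedelta(days=21)


@dataclass(frozen=True)
class ContactRecord:
    """One observed contact. The peer is known only by the opaque reference
    code it advertised; no identity, phone number or location is kept."""
    peer_ref_code: str   # opaque encrypted reference code received over BLE
    seen_at: datetime    # timezone-aware timestamp taken on the local phone
    rssi_dbm: int        # signal strength, used here as the proximity estimate
    peer_model: str      # peer phone model, noted alongside the RSSI


class ContactLog:
    def __init__(self) -> None:
        self._records: List[ContactRecord] = []

    def record(self, rec: ContactRecord) -> None:
        if rec.seen_at.tzinfo is None:
            raise ValueError("timestamps must be timezone-aware")
        self._records.append(rec)

    def __len__(self) -> int:
        return len(self._records)

    def prune(self, now: datetime) -> int:
        """Delete every contact older than the window; return how many went."""
        cutoff = now - RETENTION_WINDOW
        before = len(self._records)
        self._records = [r for r in self._records if r.seen_at >= cutoff]
        return before - len(self._records)

    def export_for_upload(self, user_consented: bool, now: datetime) -> List[Dict]:
        """Build the upload payload only after explicit consent, and only for
        contacts still inside the window at the moment of upload."""
        if not user_consented:
            raise PermissionError("upload requires the diagnosed user's consent")
        self.prune(now)
        return [
            {"ref": r.peer_ref_code, "ts": r.seen_at.isoformat(),
             "rssi": r.rssi_dbm, "model": r.peer_model}
            for r in self._records
        ]


def demo() -> Dict[str, int]:
    """Run the model on constructed sample contacts and return the counts."""
    now = datetime(2020, 5, 30, 12, 0, tzinfo=timezone.utc)
    log = ContactLog()
    # Constructed sample data: one contact 25 days ago (outside the window),
    # one exactly 21 days ago (boundary, kept), one from yesterday.
    samples = [
        ContactRecord("REFCODE-A", now - timedelta(days=25), -80, "modelX"),
        ContactRecord("REFCODE-B", now - RETENTION_WINDOW, -65, "modelY"),
        ContactRecord("REFCODE-C", now - timedelta(days=1), -50, "modelZ"),
    ]
    for s in samples:
        log.record(s)
    removed = log.prune(now)
    payload = log.export_for_upload(user_consented=True, now=now)
    return {"recorded": len(samples), "pruned": removed, "uploaded": len(payload)}


def upload_without_consent_is_refused() -> bool:
    """The failure mode that matters: no consent, no payload."""
    log = ContactLog()
    try:
        log.export_for_upload(user_consented=False, now=datetime.now(timezone.utc))
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    print(demo())  # {'recorded': 3, 'pruned': 1, 'uploaded': 2}
```

Two checks a reviewer would want are visible in the model: pruning is re-run at upload time, so a contact that aged out between the last prune and the upload is not sent, and the payload contains only the peer's opaque reference code, never the local user's registration details.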

Symptom reporting; Exposure notification

Upload the logo of the project if available. Non-essential, but pretty.

General principles

E.g. Bluetooth, Bluetooth Low Energy, Near-Ultrasound, Ultrasound, LIDAR, 802.11x, Zigbee, infrared, visible light, UV. More than one answer is possible.
Bluetooth Low Energy

Select the technical protocol(s) supported by the application. If the protocol is not yet in this list, please save this page, navigate to the protocols list and add it before proceeding.

Is the application based on a published technical specification for contact tracing (eg DP3T, BlueTrace, Google-Apple)?
No

Is there evidence of the (epidemiological) effectiveness of the application? Please add links to any studies or trial runs that demonstrate the effectiveness of the proposed technology.

Legal/licensing information

Are all components of the project publicly available under OSI Approved Licence(s)? If you know which license(s), please use SPDX identifiers.

If not all components used are open source, please provide a technical description of these components suitable for publication, and any third party security analysis. Provide contact details of each technology supplier.

If the project is known to be encumbered by (software) patents or other intellectual property claims by any of its creators or known third parties, please indicate which. Also, feel free to list any defensive publications.

Platforms, build environment

On which platforms can the application(s) run?

Location(s) of the app(s) in various app stores (F-Droid, Google Play, Apple Store, Jolla Store, etc).

https://apps.apple.com/au/app/covidsafe/id1509242894
https://play.google.com/store/apps/details?id=au.gov.health.covidsafe

What external libraries and SDKs does the application depend on?

Which tools (IDE, etc.) are necessary to build the application from the available sources?

Do different builds of the application yield the same bits?

Is the user in control when some or all bits of the application are replaced?

Is the update mechanism compatible with the requirements of TUF (https://theupdateframework.io/security), including resilience against rollback attacks, extraneous dependencies attacks and handling vulnerability to key compromises?

Security

If the developers have published or adopted a dedicated threat model for their app, provide a web link.

If there have been in-depth security analyses of the application(s) and/or underlying protocols, provide web links to publicly available reports. One line per report.

If there are known security weaknesses or shortcomings that are currently unresolved, please provide a link to CVE's/bug reports or other available sources.

Is the temporary data stored by the solution protected by modern, strong cryptographic means?
No

Exposure of interfaces with critical system level security flaws.

Privacy

General impact assessment

Has a Data Privacy Impact Assessment (DPIA) or equivalent privacy analysis been conducted in relation to the technologies used or proposed by the project? A DPIA is a formal assessment of privacy risks users are to be exposed to. Provide a link to the outcome of this assessment, and any updates or responses or mitigations that have been implemented since in response to the findings of the DPIA. : Provide web addresses of the DPIA and any follow ups.

Provide links to other noteworthy articles and reports regarding or mentioning the project.

Are there any special provisions made for protection of the information of minors, or legally incompetent people?

Mobile app specific questions

Does the solution have complete governance/run-time control over client-side hardware while in deployment, including the OS? Or is there shared tenancy, and are there other applications running?

Use of the solution does not require the use of an online account which is traceable to individuals. E.g. a vendor account which needs to be activated before a mobile phone can be used.
No

Is use of the solution tied in any way to the use of (an) account(s) with any third party, other than national?
No

Does the application make use of fixed, traceable, device specific identifiers or accounts, like phone numbers, IMEI, etc?

Is the solution free from telemetry/tracking?
No

Does the application request/require OS privileges to e.g. recent contacts, the address book, location based services, the camera, etc.?

For each of the requested permissions, explain how the data or functionality accessible through that permission is used by the application. Specify whether this access is merely local, or whether information obtained through it is shared centrally.

Is there any location data (or equivalent) stored?
No

Does the application or device have a built-in kill-switch where it ceases to function after a predetermined point in time, to avoid unnecessary risk exposure?
No

Users can choose to expose whether or not they are infected, even under pressure or threat
No

Is the privacy and the security of the user of the solution safe from compromise related to external observability of device-specific Bluetooth identifiers?
No

Is a fixed Wifi MAC address broadcast by the solution?
No

Is the Bluetooth ID of the user (or a derivation that can be easily linked back to it) broadcast?
No

Detailed privacy related attributes

The application only shares anonymous attributes.
No

Can the user of the app review and redact their data, or decide to not upload some data?
No

Do users run the risk of involuntary exposure of their social graph?
No

Does the application request/require privileges to e.g. recent contacts, the address book or other user-specific data?
No

Is the real identity (or a strongly linked attribute) stored outside of the user device?
No

Is the phone number of the user (or a derivation that can be easily linked back to it) stored outside of the user device?
No

No

Is there any location data (or equivalent) stored externally?
No

Is the Wi-Fi MAC address of the user (or a derivation that can be easily linked back to it) stored outside of the user device?
No

Is the Bluetooth ID of the user (or a derivation that can be easily linked back to it) stored outside of the user device?
No

The solution is guaranteed to never leak information about IP addresses of users to the backend.
No

Available third party analysis

Studies and analyses of the technical aspects of the application

Customization and usability aspects

Is the application ready to be used with multiple languages (i18n) if translated strings are provided?
No

Give the web address of any accessibility certifications by an accredited certification body. If there is more than one, put each link on a new line.

Has the assistive technology been designed to not expose users with disabilities with additional privacy risks?
No

Backend

Select where and how the data produced by the solution is hosted

If an external back-end technology is used in conjunction with the application or device, please provide a link to its repository or home page

Any other relevant remarks and considerations
Created by Michiel Leenaars on 2020/05/30 18:39