A review of information security aspects of the emerging COVID-19 contact tracing mobile phone applications

TL;DR

This review analyzes the privacy and data reliability issues of COVID-19 contact tracing apps, highlighting weaknesses and proposing recommendations to improve safety, privacy, and public acceptance of these mobile health solutions.

Contribution

It provides a comprehensive review of existing contact tracing app implementations, identifying security flaws and privacy concerns, and offers targeted recommendations for enhancing their safety and acceptance.

Findings

Existing apps have significant privacy vulnerabilities.

Data reliability issues affect contact tracing effectiveness.

Recommendations can improve safety and public trust.

Abstract

This paper discusses the aspects of data reliability and user privacy for the emerging practice of mobile phone based contact tracing for the COVID-19 pandemic. Various countries and large technology companies have already used or plan to design and use mobile phone based solutions, in an effort to urgently expedite the process of identifying people who may have been exposed to the disease and limit its spread to the general population. However, serious concerns have been raised both in terms of the validity of the collected data as well as the extent to which implemented approaches can breach the privacy of the mobile phone users. This review examines the weaknesses of existing implementations and concludes with specific recommendations that can contribute towards increasing the safety of infrastructures that collect and process this kind of information, as well as the adoption and acceptance of these solutions from the public.