Demystifying COVID-19 digital contact tracing: A survey on frameworks and mobile apps

TL;DR

This survey reviews global digital contact tracing frameworks and mobile apps developed during COVID-19, analyzing architectures, privacy models, and security considerations to inform future improvements.

Contribution

It provides the first comprehensive review of COVID-19 contact tracing architectures, including system types, deployed apps, and adversary models, offering new insights into privacy and security.

Findings

Bluetooth Low Energy is the most promising technology for contact tracing.

Decentralized architectures are preferred for privacy preservation.

Most apps follow privacy-preserving protocols with varying security measures.

Abstract

The coronavirus pandemic is a new reality and it severely affects the modus vivendi of the international community. In this context, governments are rushing to devise or embrace novel surveillance mechanisms and monitoring systems to fight the outbreak. The development of digital tracing apps, which among others are aimed at automatising and globalising the prompt alerting of individuals at risk in a privacy-preserving manner is a prominent example of this ongoing effort. Very promptly, a number of digital contact tracing architectures has been sprouted, followed by relevant app implementations adopted by governments worldwide. Bluetooth, and specifically its Low Energy (BLE) power-conserving variant has emerged as the most promising short-range wireless network technology to implement the contact tracing service. This work offers the first to our knowledge, full-fledged review of the most concrete contact tracing architectures proposed so far in a global scale. This endeavour does not only embrace the diverse types of architectures and systems, namely centralised, decentralised, or hybrid, but it equally addresses the client side, i.e., the apps that have been already deployed in Europe by each country. There is also a full-spectrum adversary model section, which does not only amalgamate the previous work in the topic, but also brings new insights and angles to contemplate upon.