Extensive, aggressive and timely contact tracing is so far the only alternative to full lockdowns to control the spread of the SARS-CoV-2 virus causing the COVID-19 disease. The contact tracing approach has proven its efficiency in South Korea which shows no exponential growth of new infections (as of 03.04.2020) and has not entered full lockdown even though South Korea was one of the early virus hotspots.
Manual contact tracing is difficult, resource-consuming and imprecise. It is based on the memory of the infected individual, who may be in a critical condition and can’t give out information, people forget things, and sometimes people who had contact with an infected person can’t be contacted as their contact information is not known.
The AntiCOVIDSoftTM platform (application for iOS / Android + back-end to process information) solves this issue and makes tracing almost automatic.
Once a person installs the app, it starts running in the background. The user can turn off the app running in the background, but the next time he/she starts it, the app will complain that it was not ‘on’ and was not tracking. The user will be given motivational messages (‘Let’s save lives together’) to keep the app running in the background at all times. This fosters accuracy of data, as users are expected to forget turning the app on manually every time they leave their home.
While running in the background, the app will perform the following actions:
AntiCOVIDSoftDevice), as frequent as practical given battery life considerations.
IMPORTANT NOTE: No information
is sent or stored on the server at this stage.
All data is (a) stored locally to preserve the user’s privacy; and (b) it is anonymous.
If a user was in contact with an infected ID which was registered over the Bluetooth or QR code (see below on QR codes), he/she is flagged as ‘at risk’. If no QR-code based or Bluetooth based contact was made, then GPS tracks are analysed for proximity, the app selectively pulls tracks interesting for it from the server and compares the user’s track to the infected track locally to look for potential intersections and suspected exposures.
While in the foreground the app shows some infographic which can be interesting to the user: A map with numbers of infected people per location, the user’s own track (can be switched off for privacy purposes), tracks of infected people (those which were pulled by the app from the server).
Additionally, users can create ‘digital handshakes’ by scanning QR codes on any device generated by the other device. While such ‘handshake’ is being sent over the central server, it is encrypted with a one-time AES 256 bit symmetrical encryption key, which is encoded in QR-code, so the server does not know which user IDs established the contact and privacy is preserved – the fact that a contact was made is stored locally.
A QR-code enabled digital handshake is not a direct ‘competitor’ for Bluetooth distance measurements, as the culture of QR-code handshakes will drive the adoption of the app (people who don’t have an app will be invited to install after scanning the QR code).
How we address it: We have the vision that if we make the code of our app open-source, coupled with the fact that nothing (except digital handshake using QR-code, which is end-to-end encrypted) is sent to the back-end server except with user consent when he/she falls ill and reports it, it will allow us to gain trust and momentum.
How we address it: We will make our back-end, our user-id format, QR-code format and our Bluetooth specifications open to anyone. Our code will be open-source so our ‘competitors’ can look how exactly it is implemented, they can use specifications, code and back-end itself as they please to register contacts with users of our app under the condition that they provide us the ability to register contacts with their users.