Overview of COVID-19 Contact Tracing Apps: Architectural and Security Insights
The paper "A Survey of COVID-19 Contact Tracing Apps" provides a detailed examination of the various architectures used in developing contact tracing apps that emerged during the COVID-19 pandemic. This analysis is crucial for understanding how different system designs address the challenges posed by privacy, security, and efficiency. The authors categorize the tracing apps into three main architectures: centralised, decentralised, and hybrid, each with its distinct features and implications.
System Architectures
Centralised Architecture:
This approach centers around a server responsible for key functions such as generating temporary identifiers (TempIDs) and storing personally identifiable information (PII). Upon a positive COVID-19 test, users can voluntarily upload their encounter history, which the server uses to notify at-risk contacts. The centralised model, exemplified by the BlueTrace protocol, provides structured control but raises significant privacy concerns because a central authority handles the sensitive data.
Decentralised Architecture:
Decentralised systems, like the PACT protocol from MIT, aim to enhance user privacy by letting devices locally generate anonymous identifiers (chirps) used for contact logging. Only when users test positive are their keys uploaded to a server for others to download and check against their contact history. While this increases privacy by limiting server access to sensitive information, there are challenges in preventing data misuse if additional contextual data is collected.
Hybrid Architecture:
The hybrid model seeks a balance, decentralising ID generation while centralising risk analyses and notifications. Protocols like DESIRE employ cryptographically protected identifiers (Ephemeral IDs and Private Encounter Tokens) that keep user data confidential from the server. This design attempts to mitigate the risks of complete server dominance while retaining centralised oversight over critical processes.
Privacy and Security Concerns
A significant theme in this paper is the delicate balance between privacy preservation and the effectiveness of contact tracing. Centralised systems store PII directly and must ensure robust server security to prevent breaches. Decentralised and hybrid models mitigate privacy risks by not associating user identities with contact data; however, they introduce other vulnerabilities, such as false notifications caused by relay/replay attacks, or potential user de-anonymisation through linkage attacks.
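To make the decentralised flow above concrete, and to show one way the replay risk just mentioned can be limited client-side, here is a toy simulation added for this summary. It is not code from the survey or from PACT itself: the epoch length, seed size and clock-slack window are assumptions, and the devices and timestamps are constructed.

```python
"""Toy decentralised exposure flow of the kind the survey ascribes to PACT.
Constructed illustration, not the PACT spec: key size, epoch length and the
clock-slack window are assumptions."""
import hashlib, hmac, secrets

EPOCH_SECONDS = 15 * 60   # assumed epoch length; a fresh chirp per epoch
CLOCK_SLACK = 2 * 60      # assumed tolerance for chirps heard at an epoch boundary
DAY = 86400

def chirp(seed: bytes, epoch: int) -> bytes:
    """Anonymous identifier broadcast during `epoch`, derived from a daily seed."""
    return hmac.new(seed, epoch.to_bytes(8, "big"), hashlib.sha256).digest()[:16]

class Device:
    def __init__(self):
        self.seeds = {}   # day -> random seed; stays local until a diagnosis
        self.log = []     # (chirp heard, timestamp) pairs from nearby devices

    def broadcast(self, ts: int) -> bytes:
        seed = self.seeds.setdefault(ts // DAY, secrets.token_bytes(32))
        return chirp(seed, ts // EPOCH_SECONDS)

    def hear(self, c: bytes, ts: int) -> None:
        self.log.append((c, ts))

    def diagnosis_upload(self) -> list:
        """Only seeds leave the device: no identity and no contact log."""
        return list(self.seeds.items())

def match(log: list, uploaded: list) -> list:
    """Client-side check against published seeds. A chirp is accepted only if it is
    the one the seed would have produced for the epoch in which it was heard (with
    boundary slack), so a chirp captured and re-broadcast later does not match."""
    hits = []
    for c, ts in log:
        epochs = {ts // EPOCH_SECONDS, (ts - CLOCK_SLACK) // EPOCH_SECONDS}
        for day, seed in uploaded:
            if ts // DAY == day and any(chirp(seed, e) == c for e in epochs):
                hits.append((c, ts))
    return hits

def demo() -> list:
    alice, bob, carol = Device(), Device(), Device()
    t = 1_000_000                                   # constructed meeting time
    genuine = bob.broadcast(t)
    alice.hear(genuine, t)                          # real encounter with Bob
    alice.hear(carol.broadcast(t + 60), t + 60)     # Carol is never diagnosed
    alice.hear(genuine, t + 3 * 3600)               # Bob's chirp replayed hours later
    return match(alice.log, bob.diagnosis_upload())
```

Running `demo()` yields exactly one exposure, at the genuine meeting time: Carol's chirp matches no published seed, and the replayed copy of Bob's chirp fails because it is heard in an epoch for which Bob's seed produces a different identifier.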
Proximity Estimation and Technological Challenges
The efficacy of these apps partly hinges on accurate proximity estimation, primarily using Bluetooth Low Energy (BLE). The accuracy of BLE-based proximity estimation is impeded by environmental factors, hardware variations, and signal interference. Although decentralised systems limit the frequency of exchanges, they entail higher local processing loads, affecting battery consumption.
Comparative Analysis of Existing Apps
The paper provides a comparative evaluation of several real-world applications, such as Singapore's TraceTogether and Australia's COVIDSafe, detailing how each maps onto the architectures discussed above. It reveals how different countries prioritize varying aspects of data protection, risk notification, and system transparency.
Future Directions and Conclusions
The authors propose future research into enhanced privacy-preserving architectures and improved proximity sensing technologies. Integrating advancements in AI for real-time risk assessment and exploring emerging quantum technologies are suggested as potential long-term research avenues.
In conclusion, this comprehensive survey highlights the evolving landscape of contact tracing apps. It underscores the significance of thoroughly evaluating privacy implications and technological capabilities to foster greater public trust and adoption, providing a roadmap for future pandemics. The paper serves as a valuable reference for researchers aiming to design more secure and effective digital public health tools.