“The Planned Coronavirus App Is Useful and Well Thought-Out”

Examples from South Korea or Iceland show that smartphones can help to contain the spread of the coronavirus. Amidst controversy, Germany is currently also considering the use of a tracing app. We interviewed Professor Frederik Armknecht, data security expert and holder of the Chair of Computer Science IV at the University of Mannheim, about the technology, advantages and potential risks of such an app.

The government is presently considering introducing a tracing app. How does an app of this kind work?
The app initially generates a secret key. This key is then used to create an anonymous identification number (ID) for a predetermined period of time, for example one day. If two users are within close proximity of each other, their smartphones will exchange these IDs via Bluetooth and store them locally. After the predetermined time period has ended, the current key will generate a new key, which will in turn create a new ID, and so on.

Should users of the app be diagnosed with COVID-19, they will publish the key that was valid at the time they fell ill. Using this key, the other users’ devices can generate the IDs valid at that time and compare them with the ones stored locally. Should other app users establish that they had contact to the infected person during the time in question, they can turn to the health authority responsible for them.

What are the advantages of such an app?
Provided the app only does what it is supposed to according to public information, a great advantage is that the collected IDs – as well as any keys published – are independent from real user data, and are only stored and processed locally on the smartphone. Another advantage is that the app only employs cryptographic procedures that have been tested extensively. Moreover, the stored data are so compact overall that the system is easily scalable. Even if millions of people use this app, the data traffic and additional expenditure are within reason. Another benefit is that the data are collected automatically, which means that all potential contacts can be notified without making it necessary for experts to take these steps manually.

What are the risks in your opinion?
Generally, you have to trust the app as it is constantly accessing Bluetooth and storing and processing data internally. However, this is the case with almost every app. As the identification numbers are sent automatically, there is a risk of interception. Overall, however, I think the concept is very well thought-out, and I see only minimal risks at the moment.

Are there any models yet which are developed enough to be used in Germany?
I am not aware of any. However, the researchers who have developed the corresponding cryptographic protocol have published the protocol details and are explicitly encouraging others to examine them and point out potential flaws – which has already been done. They are also in discussions with epidemiologists to establish whether the data collected are sufficient.

Could Germany just copy South Korea or other countries in applying a measure of this kind?
Not necessarily. The data protection regulations in place in South Korea differ from those in Europe. In South Korea, it is possible to collect and evaluate certain data which would not be allowed in Europe, for instance GPS data. In addition, South Korea, unlike Germany, is a completely digitalized country.

Once the pandemic is over, will it be possible to remove such an app from our phones without any issues and, more importantly, permanently?
In principle, yes. Just like any other app, the tracking app can be installed but also deleted.

What is your personal opinion of this measure?
I know several of the security experts involved in the concept personally and believe them to be absolutely trustworthy. I therefore have a very positive view of this measure and will install the app myself.

Professor Armknecht’s positive opinion of the tracing app refers to the so-called decentral solution that is also the preferred choice of security experts. Meanwhile, however, there are concepts considering a central solution which stores and processes all data centrally. Prof. Armknecht views this development critically and fully supports his colleagues’ open letter opposing this central solution.