The Canberra Times

$10m COVIDSafe app collecting dust

$10m COVIDSafe app collecting dust
$10m COVIDSafe app collecting dust

This is branded content.

The federal government's nationwide COVIDSafe app has delivered lacklustre results after the Department of Health's long-awaited report reveals that only a fraction of the nation's total case numbers were recorded using the app.

App developers and cybersecurity professionals were wary of the contact tracing COVIDSafe app upon its launch, as the application's ability to register other nearby COVIDSafe app users via Bluetooth raised security concerns across the country.

"I don't know who built the COVIDSafe app, but it is difficult to comprehend how so much public money could be spent on an app that seems to be providing little value," says Joseph Russell, founder of prominent Melbourne-based app development agency, DreamWalk.

The majority of Victorians have been using the state government's Service Victoria app in order to scan QR codes and check in to public spaces across the city of Melbourne.

In a similar fashion, other state governments have released their own alternatives to the COVIDSafe app which don't rely on sending users location-based notifications or sharing user or device data with other nearby app users.

Key security concerns with the COVIDSafe app

In their report on the operation and effectiveness of COVIDSafe and the National COVIDSafe Data Store (NCDS), the Department of Health refers to interactions recorded through the app as 'digital handshakes'.

Behind the curtain, this 'digital handshake' comprises the app logging the other user's encrypted user ID, alongside the date, time, Bluetooth signal strength, proximity of the contact, as well as the model of the other user's phone.

Any recorded interaction allows the COVIDSafe app to store all of this encrypted information on your device.

Authorities assert that these measures aren't entirely necessary and that storing this data provides hackers or malware with the opportunity to unencrypt and take advantage of this sensitive user and device data.

Although the government has mitigated this risk by deleting data after 21 days, experts still question whether the collection of this data in user devices is necessary.

As digital handshakes are only registered if the app detects other nearby users, in order for the app to be effective, the majority of the nation's population should be utilising this digital tool.

As it currently stands, 7.6 million Australians have registered for COVIDSafe, but it's unclear what percentage of this figure is still using the app. According to the Department of Health's own report, however, the app has only been used approximately 44 times in the past six months.

Despite these incredibly low figures, the app continues to receive government funding on top of the $6.7 million that was allocated to its initial development. To date, the app has also undergone 24 software updates, and is said to cost an average of $100,000 a month to maintain.

Concerns regarding the Delta strain

As NSW continues to tackle the highly contagious Delta strain of the coronavirus, state government officials have directly stated that they aren't using the COVIDSafe app to trace cases.

The reason for this is that the metrics used to register close contact don't take into account the increased virality of the Delta variant.

Infectious disease experts assert that the COVIDSafe app will need to alter its current methods for registering close contacts, which demands that app users stay within 1.5 metres of potential exposure cases for over 15 minutes.

In order for the COVIDSafe app to accurately determine any user's exposure to potential positive cases, close contacts must be recorded as any interaction over 5 minutes and with narrower parameters regarding user proximity to these cases.

Naturally, adjusting these close contact parameters may cause the app to send users a greater number of notifications and store larger amounts of other user and device data, which may further exacerbate the COVIDSafe app's tendency to drain device batteries at an alarming rate due to its continued use of Bluetooth.

This criticism surrounding battery consumption has also been raised by members of parliament.

Is the app worth fixing?

As state-funded COVID-19 contact tracing initiatives have continued to record consistently higher user stats over the COVIDSafe app, it's not likely that allocating even more funds to 'fixing' the app will be a worthwhile investment for the federal government.

Although some epidemiologists assert that the COVIDSafe app may have been effective if it had been launched with adequate UX testing and as a mandatory national measure, the fact that state-funded initiatives have filled in the gaps left by COVIDSafe reflect that Australia has a rapidly dwindling need for this nationwide COVID-19 tracking initiative.