Australia’s COVIDSafe app has been dubbed one of the safest of its kind in the world, after analysis by South Australian cybersecurity experts.
A team from the University of Adelaide’s School of Computer Science made the claim after assessing 34 international Android COVID-19 contact tracing apps for security and privacy vulnerabilities.
Associate Professor Damith Ranasinghe said while most contact tracing apps were vulnerable to attacks, contained trackers or could create false data about cases if hacked, Australia’s version was well designed.
“Developers across the nation have continually improved its security,” he said.
“Everyone in Australia should be using the COVIDSafe app, in our opinion. It’s one of the best of its kind anywhere in the world.”
The study found about 70 per cent of apps posed security risks due to insecure data cryptographic algorithms or by storing sensitive information in plain text.
About 75 per cent also contained at least one tracker, such as Google or Facebook, which collected information about a person’s activities on their mobile devices.
Jason Xue said as part of the assessment, the team identified a potential attack scenario and proposed an idea to mitigate the risk.
“In the latest version of COVIDSafe, developers have encrypted its local database which is stored in the phone, so that even if data is breached, the attacker will not be able to decrypt the data,” Dr Xue said.
The team will now analyse any vulnerabilities associated apps available for Apple iPhone users.
Contact tracing apps record prolonged and close proximity interactions between individuals by using sensing methods, like Bluetooth.
Australia’s was developed to help speed up the process of contact tracing if someone was infected with COVID-19 but it only picks up interactions between those who have installed the app.
Its effectiveness is dependant on the number of people who download it with six million installing it on their phones so far.
In May, legislation was introduced to federal parliament which could hit hackers with a jail sentence of up to five years as well as large fines for illegally accessing data stored by the app.
At the time, Attorney-General Christian Porter said he hoped more Australians would be encouraged to download the app as a result of the proposed privacy laws.