Go back
Mobile performance

Mobile apps to the rescue? Tracing contacts to break the chain of infection

Contact tracing apps in the context of the novel coronavirus pandemic give rise to great expectations, but to effectively track interactions and process data, these applications must aim for 100% availability and performance. As the mainstream press focuses on privacy issues, we have reviewed technology papers to look at the general principles of digital contact tracing.

Covid-19 mobile application accuracy and effectiveness

Numerous conditions and tech challenges limit the effectiveness of contact tracing apps. Some of the weakest links in the end-to-end process from app installation to risk alerting are attributable to human factors and app specifications. Other weaknesses are issues that mobile application developers are familiar with and can keep in check with mobile application performance monitoring.

Let’s take a look at some factors that affect the effectiveness of contact tracing and notifications before looking at how these mobile apps work.

Reliability of health and proximity data collection

At present, a smartphone’s contact tracing app can interact only with other phones on which the same app is installed and activated (this may change in the near future).
Effective contract tracing therefore depends entirely upon user participation, but a very small percentage of the population voluntarily installs such apps. Furthermore, many apps are programmed to dump data after 14 days for privacy reasons. Even supposing Covid-19 testing is accurate, what if test results are not known in time, or are not input into the app correctly and promptly?

As for proximity, contact tracing apps use any of three ways to detect interaction: phone location data, GPS geolocation by satellite, or Bluetooth short-range wireless technology. Each has its own set of limitations and drawbacks, in addition to the ever-present problem of connectivity. Furthermore, physical distancing criteria built into the apps are questionable. Many apps consider that mobiles (with the same app) are matches at a distance of 2 metres (or 6 feet) or less; for others, only phones within 1 metre of each other for 15 minutes qualify as contacts…

Contact tracing apps: download, circulate, report

But let’s not be deterred. Whatever their seeming deficiencies, these tracker apps serve an important purpose: to prevent further coronavirus outbreaks. How do they do work?

First of all, people download the contact tracker to their smartphones and activate their GPS or Bluetooth or whatever is required by the app. App users then circulate with their phones which have an ID in some form. For example, a mobile app that uses Bluetooth technology emits and collects a temporary key code (transient pseudonym) when it crosses another phone’s path. If all goes well, app users will not become ill or unknowingly encounter someone with Covid-19. However, if a user tests positive for coronavirus, the next step is to self-declare the results on the app (via laboratory QR code or other means).

From the moment a user self-reports, the way the app handles information differs according to the type of architecture on which the application is based, as explained below.

Mobile application architectures for SARS-CoV-2 contact matching

Whether they rely on Bluetooth, GPS, or phone location data, contact tracing apps handle health and proximity information in one of two ways. There’s the ‘centralized’ (and ‘semi-centralized’) architecture which has been recommended, for instance, by the Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT). Then there’s the ‘decentralized’ architecture used by contact trackers that are compatible with the Apple-Google API. Both approaches require that some data be transmitted to a server at some point.

Taking the example of different Bluetooth apps approved for use in certain European nations, data is supplied to a centralized database only from the moment someone reports their positive Covid-19 test via their mobile app.

– in ‘centralized’ architectures, the app uploads the anonymized ID (transient pseudonyms or key codes) of the Covid-19 carrier’s phone and those of the phones it encountered (possibly along with other data, depending on the app and the authorities). The server analyzes interaction data and notifies app users who have been exposed to the Covid-19 carrier.

– in ‘decentralized’ architectures, the app uploads to the centralized database only the anonymized ID (transient pseudonyms or key codes) of the Covid-19 carrier’s phone. Other users’ apps can download the key codes from the server and compare them with their own interaction history to determine whether they have been exposed to risk.

As mentioned above, these steps can take place only between phones that have the same app.

Mobile app monitoring and CI testing for performance and stability

Efforts to contain the spread of Covid-19 with the help of mobile technology and contact trackers depend, as usual, on connectivity, how well the app functions, correct use of the application, its ability to get information to and from a central database… in short, the same challenges encountered by most mobile apps (plus a few more!).

Coronavirus contact tracing apps – just like any other mobile app – need to be monitored to check that services are available and performing effectively for end users who trust them with their health. The exchanges between the smartphone application and its central database, for example, must function optimally to ensure efficient contact matching.

Of course the automatic updates that everyone expects of a quality mobile app must be entirely regression-free. Automated testing in the continuous delivery chain is essential to ensuring the app’s stability and the reliability of its essential data collection, risk analysis, and exposure notifications.