IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Android and iOS updates pave the way for app-free contact tracing

The latest OS upgrades will allow authorities to manage COVID-19 outbreaks by sending notifications direct to handsets

Google and Apple have updated their contact-tracing capabilities to allow public health authorities to directly notify users about any potential exposure to coronavirus, without the need for an app.

Launched with iOS 13.7, and set to feature in an Android OS upgrade later in the month, Exposure Notifications Express allows users within a jurisdiction to participate in contact tracing using just their device.

Previously, software based on the Google and Apple-developed API was required for the Bluetooth-powered contact-tracing technology to work properly. The operating system update, however, allows those users who want to opt-in but don’t wish to download an app to participate in the scheme anyway, should the specific region’s public health authority decide to support Exposure Notifications Express.

Users with an iPhone running iOS 13.7, as well as an up-to-date Android handset once the update is rolled out, must first enable Exposure Notifications through their settings menu. The mechanism still relies on Bluetooth to establish contacts between users and adopts a similar authentication mechanism to the in-app experience.

Test centres will report positive tests to a central public health authority, which will, in turn, engage in a complex verification process with the user’s device. This mechanism involves the exchange of verification codes and tokens between the user’s device and two servers in order to securely establish the positive COVID-19 test is genuine.

When a user’s positive test is verified, it’s added to the database in the form of a key, which is subsequently downloaded by others. Those who’ve registered a contact with the coronavirus sufferer’s smartphone through Bluetooth are then notified directly that they may be at risk.

To support the app-free technology, public health authorities must first deploy a test verification server, which validates positive COVID-19 tests during a key upload, as well as the key server, which handles key uploads and downloads.

The developers’ contact-tracing technology has, until now, only been available in the form of an API that public health authorities could work with to develop an app which they must then encourage people to download.

The UK, for example, has been trialling a version of such an app on the Isle of Wight and the London borough of Newham, based on the Google and Apple API. This step was only taken after the government first attempted to build an app from the ground-up.

Its development ran into major problems, however, including reports of bugs and security issues, with the project being eventually abandoned following an initial trial, again on the Isle of Wight.

Baking this technology into the respective mobile operating systems represents a major step forward in encouraging more widespread adoption, which is essential for digital contact-tracing to work effectively.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022