The app, known as The Shield, was developed by private security firm Profero for the country's Ministry of Health and is available for both iOS and Android devices, according to tweets from the data breach monitoring and prevention service Under the Breach.
The app collects a user's SSID and GPS data throughout the day and uses this data to warn people when they visit a location where known coronavirus cases are known to have been present.
The data on a user's device is compared to data from the ministry which is downloaded every hour so that it is current. Information is sought from coronavirus patients as to the places they have visited and, if this is provided, it is added to the master file maintained by the ministry.
He said the company had carried out the following steps to ensure user provacy:
- "Review of the application architecture together with the development and operational teams;
- "Source code review ensuring that secure code development practices were used, that the data is indeed stored securely on the device and is not being sent to remote servers, and that no data leaks are found in the application;
- "Analysis of vulnerabilities found by the Israel National Cyber Directorate, making sure none of them affect user privacy;
- Activation, analysis, and scanning of the application, to ensure a complete match between the source code and the compiled application; and
- "Verification that all communications channels are fully encrypted."
Under the app's terms and conditions of use it is mentioned that the transfer of information to the ministry of health will be subject to the approval of the competent authorities A.K.A Shin Bet...https://t.co/9jaxmsYRdO pic.twitter.com/onCOklhElT— Under the Breach ? (@underthebreach) March 22, 2020
To further convince users of the safety of using the app, the source code has been released on GitHub.
If a user of the app is matched to a location visited by a known coronavirus patient, then they have been advised to report it to the government.
Thanks to Bleeping Computer for a link to the Israel Government reporting site.