Apple, Google release new contact tracing API specs, security, accuracy measures | Mint
Active Stocks
Tue Sep 17 2024 15:59:16
  1. Tata Motors share price
  2. 975.00 -1.33%
  1. Tata Steel share price
  2. 152.80 -0.91%
  1. Power Grid Corporation Of India share price
  2. 336.65 -0.50%
  1. NTPC share price
  2. 416.25 1.27%
  1. ITC share price
  2. 507.45 -0.91%
Business News/ Technology / News/  Apple, Google release new contact tracing API specs, security, accuracy measures
BackBack

Apple, Google release new contact tracing API specs, security, accuracy measures

The metadata associated with Bluetooth will be encrypted now
  • Data about who a user has been near is only retained on the device for 14 days, and deleted after that
  • FILE PHOTO: 3D printed coronavirus model and Google logo are placed near an Apple Macbook Pro in this illustration taken April 12, 2020. REUTERS/Dado Ruvic/Illustration/File Photo (REUTERS)Premium
    FILE PHOTO: 3D printed coronavirus model and Google logo are placed near an Apple Macbook Pro in this illustration taken April 12, 2020. REUTERS/Dado Ruvic/Illustration/File Photo (REUTERS)

    After announcing that they would work together to help governments’ contact-tracing efforts, Apple and Google released more technical details about their efforts. Amongst the changes made to the API they will provide to others, are stronger encryption standards, more accurate Bluetooth signals and more.

    According to the companies, the changes are “the result of meaningful engagement and feedback from key external stakeholders around the world." Today’s announcements mostly revolve around cryptography and Bluetooth specifications in the API.

    Security

    Apple and Google will now be using the Advanced Encryption Standard (AES) instead of the earlier Hashed Message Authentication Code (HMAC). “Many devices have built-in hardware for accelerating AES encryption. This change will help performance and efficiency to avoid slowing down the phones, as we’ve determined that AES performs better for this application," the companies said.

    Further, the metadata associated with Bluetooth will also be encrypted now. This makes it tougher for an app to use that data to identify the person using said app. Apple and Google had earlier announced

    Also, the companies are changing the terminology from contact tracing to “exposure notification". The companies believe the new terminology better demonstrates what the API does. The API generates a “temporary exposure key" for a phone when an exposure event is being detected. So, when two phones are nearby and their Bluetooth signals are being used to identify that they are near each other, the unique id of the phone won’t be shared. These keys are now generated using a random number generator, which makes them more difficult to predict or identify manually.

    Data about who a user has been near is only retained on the device for 14 days, and deleted after that. “It doesn’t keep track going forward after a person has registered as COVID-19 positive," the companies said.

    Accuracy

    Temporary keys are anonymised and more difficult to link to a phone’s user than the phone’s unique id. Further, since the API also allows apps to ask for exposure time for users, it will only record this in five minute intervals and capped at 30 minutes. This would make it easier for apps to gather exposure notifications more accurately.

    The two companies are also letting apps record the “power levels" of Bluetooth signals now and developers can specify the signal strength. This is important since it lets apps ascertain the distance between two phones better and hence identify exposure events more accurately. “This will help public health authorities individually define what constitutes an exposure event by setting parameters for radio signal strength and duration that two phones have been in proximity," representatives from the companies said.

    Essentially, the Bluetooth signal strength lets an app understand how close two phones are, and this can be combined with the time those two phones have been near each other to determine whether the user has been exposed to the virus.

    3.6 Crore Indians visited in a single day choosing us as India's undisputed platform for General Election Results. Explore the latest updates here!

    ABOUT THE AUTHOR
    Prasid Banerjee
    An engineering dropout, Prasid Banerjee has reported on technology in India for various publications. He reports on technology through text and audio, focusing on its core aspects, like consumer impact, policy and the future.
    Catch all the Business News , Technology News , Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
    More Less
    Published: 24 Apr 2020, 10:14 PM IST
    Next Story footLogo
    Recommended For You