Apple and Google have released a software tool that will make it possible for nations to release coronavirus contact-tracing apps that adopt the firms’ privacy-centric model.
It offers developers access to added Bluetooth functionality to solve a problem existing apps have of iPhones sometimes failing to detect each other.
Android and iOS device owners will have to carry out system upgrades.
But some countries – including the UK – are pursuing a different approach.
“The release of these APIs [application programming interfaces] along with the operating-system updates will be a watershed moment for the development and adoption of proximity-tracing apps,” said Marcel Salathé, an epidemiologist at the Swiss research institute EPFL.
“Going forward, our efforts have to be on ensuring interoperability across regions, which will be significantly easier now [for] apps based on the same protocol.”
Apple and Google said public health agencies from 22 countries had already asked to test their “exposure notification” system’s API.
The app was not “a silver bullet” – but “user adoption is key to success and we believe that these strong privacy protections are also the best way to encourage use”.
Contact-tracing apps are designed to automatically log when two people come into proximity to each other for a significant amount of time.
If one is later diagnosed with the coronavirus, the other can be given an alert, which might suggest they self-isolate and/or request a medical test of their own.
But the authorities believe adoption has been hampered by two factors:
- concerns the technology poses a privacy risk
- restrictions Apple places on third-party apps’ use of Bluetooth in the background
In theory, the new system should address both these issues.
Its “decentralised” approach locates contact-matching on devices themselves rather than a centrally controlled computer server.
And this aims to cut the risk of either hackers or the authorities using the database of who met whom and for how long for other purposes.
But the UK’s NHS and its counterparts in France, Norway and India say the centralised approach gives them greater insight, making it easier to tweak the risk model that decides who receives which type of alert.
Apps that adopt Apple and Google’s API can customise it within certain limits.
But they will not be able to log, for example, a phone’s global positioning system (GPS) coordinates.
“Not collecting some kinds of data, such as location, is a policy decision, not an engineering one,” technology consultant Benedict Evans said.
“But Apple-Google have to build something for every phone on Earth, [potentially] including China and Iran, and think about how it could be abused.
“How much you need the extra data and whether it’s worth the privacy risks is a matter of opinion.”
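The decentralised matching described above can be sketched as follows. This is an added, simplified illustration, not Apple and Google's actual key derivation or any app's code: the `Phone` class, the HMAC-SHA256 derivation and the 10-minute rotation are assumptions chosen to show what stays on the handset and what the server holds.

```python
import hashlib
import hmac

INTERVALS_PER_DAY = 144  # assumption: the broadcast identifier rotates every 10 minutes

def rolling_id(daily_key: bytes, interval: int) -> bytes:
    """Derive the short identifier a phone broadcasts during one interval."""
    msg = interval.to_bytes(2, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]

class Phone:  # hypothetical model of one handset
    def __init__(self, daily_key: bytes):
        self.daily_key = daily_key  # stays on the phone unless its owner reports a diagnosis
        self.heard = set()          # identifiers seen over Bluetooth, stored locally only

    def broadcast(self, interval: int) -> bytes:
        return rolling_id(self.daily_key, interval)

    def hear(self, identifier: bytes) -> None:
        self.heard.add(identifier)

    def check_exposure(self, published_keys) -> int:
        """Re-derive identifiers from published keys and match them on the device."""
        return sum(
            1
            for key in published_keys
            for i in range(INTERVALS_PER_DAY)
            if rolling_id(key, i) in self.heard
        )

def simulate():
    # Constructed sample keys; real keys would be random.
    alice, bob, carol = (Phone(bytes([n]) * 16) for n in (1, 2, 3))
    for interval in (40, 41, 42):   # Alice and Bob are close for three intervals
        bob.hear(alice.broadcast(interval))
        alice.hear(bob.broadcast(interval))
    carol.hear(bob.broadcast(90))   # Carol only ever meets Bob
    server = [alice.daily_key]      # Alice is diagnosed: the server gets her key, nothing else
    return bob.check_exposure(server), carol.check_exposure(server), server

if __name__ == "__main__":
    bob_hits, carol_hits, server = simulate()
    print(f"Bob: {bob_hits} matches, Carol: {carol_hits}, server holds {len(server)} key(s)")
```

The server in this sketch never receives a list of who met whom; each phone decides for itself whether it was exposed.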
Austria was the first country to roll out a decentralised contact-tracing app.
Stopp Corona, operated by the Red Cross, has been downloaded more than 600,000 times.
And its developers, Accenture, now intend to build in Apple and Google’s API for a 10 June update so iPhone-users no longer have to bring the app on-screen for it to work effectively.
But Stopp Corona currently gives users the option of manually controlling when matches occur – by pressing an on-screen button to trigger a Bluetooth “handshake”.
And this is not currently possible within the Apple-Google model.
So the developers plan to switch to using ultrasonic audio pings in this situation.
Apple and Google’s API is also currently incompatible with the way Stopp Corona triggers different types of notification.
The app first serves a yellow alert if a contact self-diagnoses as having the virus and then follows up with a red or green alert depending on whether a medical test confirms it.
And the developers are working with Apple and Google to try to retain this functionality.
“There’s really good collaboration on both sides,” Christian Winkelhofer, the Accenture executive involved, told BBC News.
“They’re really interested in working on solutions that fit our needs.”
Germany’s forthcoming Corona-Warn-App is also set to adopt the Apple-Google protocol.
But its developers have complained handsets not in use are limited to listening out for a Bluetooth signal only once every five minutes for a duration of about four seconds.
So, in theory, a couple hugging for three minutes, for example, might not be logged, while two people merely brushing past each other at the right time would be.
Apple and Google are aware of this issue.
By contrast, the NHS’s app listens out for a match roughly once every eight seconds.
The NHS has also developed its own workaround to the iPhone Bluetooth issue.
But it is still exploring the Apple-Google system as a back-up plan.