I have been fortunate enough to be part of a Portuguese working group that is actively analyzing and discussing the security and privacy implications of a future contact tracing app in Portugal. In particular, with regard to securing these apps from potential threats. We have seen some countries taking different approaches (centralized, decentralized) and several different technologies being leveraged to build these apps (both native technologies and web technologies like JavaScript).

About the author

Pedro Fortuna is the Co-Founder and CTO of Jscrambler.

Most discussion on contact tracing apps is centered around the issue of privacy, so one of my roles has been to shed light on the underlying security issues that may make it easier for attackers to tamper with contact tracing apps and potentially breach privacy on a massive scale. With several countries all over the world developing and launching contact tracing apps, it is timely to analyse the differences between these apps and to highlight relevant security issues. Let’s take a closer look.

Source Article