Analyzing Security and Privacy Concerns of Contact Tracing Applications

The spread of COVD-19 has affected normal life like no other pandemic in the 21st century. This has seen the evolution and adoption of digital contact tracing applications, majority of which rely on google and apple exposure notification and can easily be downloaded for use in any smartphone. It is imperative to protect personal health information transmitted in these apps. Developers have been criticized for slacking in protecting personal health information and on being non-compliant to HIPAA. Using MobSF, we interact with these apps to detect security vulnerabilities and demonstrate whether they are complying with their privacy policies. Our analysis showed that contact tracing applications have poor security features and not safe.