India said it would publicly release the source code for its contact tracing application, Aarogya Setu, to help privacy and security experts who have been in favor of this since launching the app in early April.
Ajay Prakash Sawhney, secretary of the Department of Electronics and Information Technology, made an announcement on Tuesday, calling it the “heart-opening” application of Aarogya Setu, which has gathered more than 114 million users in less than two monthsto allow engineers to check and tinker with the code.
Aarogya Setu’s Source Code Android the application will be published on Github at midnight Tuesday (local time). Sunny said the government will also offer a cash prize of up to $ 1,325 for identifying and reporting bugs and vulnerabilities in the Aarogya Setu code. (Almost 98% of the Aarogya Setu app is on the Android platform.)
Several privacy and security advocates, as well as an opposition party in India, have called on the government to publish the application’s code for a public audit after several vulnerabilities have been discovered in the application.
Sohni said today’s move should lessen people’s concern over an application that is designed to help curb the spread of coronavirus disease. Earlier this month, Sounny said the government did not open the Aarogya Setu app, as it is worried that it will overwhelm the team, which is mainly made up of volunteers who are tasked with developing and maintaining the app.
Aarogya Setu, in contrast to the contact tracking technology developed by smartphone makers Apple and Google, stores certain data on a centralized server. Privacy experts, including Baptist researcher Robert Robert, argue that this approach opens the application to potential leaks and data.
More to follow …