Scroll to Top

News At First

News At First

Last Date extended for Federal Bank Hormis Memorial Foundation Scholarship Kochi Federal Bank had invited applications for Federal Bank Hormis Memoria... SBI embraces new benchmarks (ARRs) in LIBOR transition January 01 2022 is crucial for the LIBOR transition process since all the... Federal Bank partners with Schwing Stetter India  Kochi Federal Bank India’s leading Private Sector Bank today signed a Mem... LSAC to administer LSAT—India™ 2022 in January and May 2022 for law school aspirants Kochi The Law School Admission Council LSAC has announced the administratio... District Olympic games to begin from January 8th Kochi The district level games which will determine the athletes and teams ... Logic Scholarship applications submission date extended till December 31 2021 Logic School of Management has extended the applications submission date fo... Honda 2Wheelers India commences Global Engine Manufacturing from Gujarat Plant Ahmedabad Honda Motorcycle and Scooter India Pvt Ltd commenced the manufact... Myntra's EORS-15 set to attract 60 million visitors with platform geared to handle 15,000 orders per minute at peak Bengaluru The 15th edition of Myntra’s biannual EORS the nation’s mega ...

Qatar's contact tracing app exposed data of over 10 lakh people: Report

by Gulf | 27-05-2020 | 671 views

Contact tracing apps have the potential to slow the spread of COVID-19. But without proper security safeguards, some fear they could put users’ data and sensitive info at risk. Until now, that threat has been theoretical. Today, Amnesty International reports that a flaw in Qatar’s contact tracing app put the personal information of more than one million people at risk.

The flaw, now fixed, made info like names, national IDs, health status and location data vulnerable to cyber attacks. Amnesty’s Security Lab discovered the flaw on May 21st and says authorities fixed it on May 22nd. The vulnerability had to do with QR codes that included sensitive info. The update stripped some of that data from the QR codes and added a new layer of authentication to prevent foul play.

Qatar’s app, called EHTERAZ, uses GPS and Bluetooth to track COVID-19 cases, and last week, authorities made it mandatory. According to Amnesty, people who don’t use the app could face up to three years in prison and a fine of QR 200,000 (about $55,000).

For contact tracing apps like EHTERAZ to work, they need widespread adoption - Amnesty says mandating the apps is not the right approach. Security blunders like this one could discourage people from using the apps and undermine efforts to slow the spread of the virus.

Qatar’s misstep may encourage more countries to adopt the Apple-Google model. The “decentralized” API stores sensitive info in users’ phones, rather than a centralized server. It uses Bluetooth to exchange keys and it doesn’t gather location data. While the Apple-Google API can’t identify users, the apps that use the API may be able to. So security and privacy policies should be examined on an app-by-app basis. Hopefully incidents like this will remain rare.

Lets socialize : Share via Whatsapp