“Hamagen” Application — Fighting the Corona Virus

As an urgent response to the Coronavirus pandemic, the Ministry of Health has decided to develop an application which will fulfill the following requirements :

1. Voluntary — no one will be forced to use the application
2. Location collection will be based on mobile device data, which has better accuracy than the current cellular tracking and as a result will prevent unnecessary mass quarantine
3. Immediate update for users on possible contact with a confirmed infected patient and the details of the exact contact, such as location and time
4. User privacy protection — data collection and matching will only happen on the user’s device, with no data reporting or submission to external sources

In order to ascertain that the application is written in a secure way and protect the user’s privacy, Profero has conducted the following steps:

1. Review of the application architecture together with the development and operational teams
2. Source code review ensuring that secure code development practices were used, that the data is indeed stored securely on the device and is not being sent to remote servers, and that no data leaks are found in the application
3. Analysis of vulnerabilities found by the Israel National Cyber Directorate, making sure none of them affect user privacy
4. Activation, analysis, and scanning of the application, to ensure a complete match between the source code and the compiled application
5. Verification that all communications channels are fully encrypted

The attached diagram illustrates the application’s flow, as was tested and approved by Profero.

Profero will continue to monitor and review every update of the application in order to ensure the continued privacy of users. In coordination with the Ministry of Health, Profero began revealing findings and application source code to key experts and researchers, in order to receive further reviews from fellow experts. At a later time, the project will be released as an open source project for the general public to use and review.

We would like to thank everyone who has taken part in this project in such critical times, working nights and weekends, pushing for the success of this project:

• Ministry of Health
• Israel National Cyber Directorate
• Tomer Zait, Guy Barnhart-Magen, Karin Kosowski, Ido Naor, and Inbar Raz

Omri Segev Moyal, Profero

High-quality infographic links by -

https://proferopublic.s3-eu-west-1.amazonaws.com/5f72cff6-0fb5-4517-9941-99331819b5a0/profero_infographic_Hamagen-App.jpg

https://proferopublic.s3-eu-west-1.amazonaws.com/5f72cff6-0fb5-4517-9941-99331819b5a0/profero_infographic_Hamagen-App.pdf