Bluetooth interface: this is how the Corona application works with Android

More than 94 percent of all Android devices worldwide should be able to use the intended Corona app. This arises from new specifications for the planned Bluetooth interface, which the Android manufacturer Google has released (PDF). Consequently, the function can be used from Android version 5.0 (Lollipop / API level 21). The interface is automatically implemented through Google Play services, so an operating system update is not required at the moment.

Although Android supports the Bluetooth Low Energy (BLE) standard of version 4.2 (Jelly Bean / 18.3), initially it was said that the API for contact tracking was only available in Android 6 (Marshmallow / 23). Based on current Android global distribution figures, 94.1 percent of all Android devices run Android 5.0 or higher. Therefore, a comprehensive use of the application would be possible if users update their Google Play services.

No access to location data required

According to the documentation, all that is required to use the application is access to Bluetooth services. Activation of the precise location data previously required for BLE is not required. Google Play will perform four basic functions for tracking contacts in the future.

This includes managing randomly generated keys that are used to identify the device and are loaded in the event of an infection. Additionally, the API sends and receives changing device IDs (rolling proximity identifiers / RPIs) and stores the received IDs on the device. The interface also takes charge of calculating the risk of infection if, based on the evaluated IDs, it was determined that a user was close to an infected person. The interface for sending and scanning Bluetooth beacons is also implemented in the interface. No further user interaction is planned.

Authorities provide servers

The actual application, which will be provided by the health authorities, mainly serves to connect the device to a central server. In addition, the application must ensure that the health authorities have authorized the loading of the data in case of infection. All other users download this data regularly, at least once a day. However, RPIs that change every ten minutes are not used, but exposure keys are generated daily, from which RPIs can be generated and compared to stored RPIs.

When the keys are loaded, a time stamp is also transmitted from which the RPIs can be derived, as well as the respective degree of transmission risk. The health authority can use your application to calculate the risk based on various factors provided by the interface. This includes the duration and interval of contact, the measured signal strength, and a user-dependent transmission risk. The API provides eight levels for each of the four factors, which can then be assigned to each level and weighted by the application. The combination of the four factors also results in an eight-step risk displayed to the user.