The Australian government is trying to slow and stop the spread of COVID-19 through a new app called COVIDSafe. Here’s everything you need to know about the app.
How does the app work?
The idea here is to use the Bluetooth capabilities of your smartphone to mimic and track the potential vectors through which coronavirus can spread. If you spend more than 15 minutes in "close contact" (within 1.5 meters) of another person running the app, both devices will exchange and log an ‘encrypted reference code’ that records the incident.
Then, if you contract the virus and report it through the app, that contact data is made accessible to state and federal territory health officials and contact tracing teams so that they can inform anyone you may have had close contact with in the prior 21 days that they may be at risk.
How do I download the app?
Android users will need a device that runs Android 6.0 (Marshmallow) or higher, while iPhone users will need to be running iOS 10 or higher.
How long does it take to set up?
Setting up the COVIDSafe app only takes a few minutes. You will need a stable internet or mobile broadband connection but the download shouldn't take long. The app itself is only a handful of megabytes in size.
Once you've installed the app, launching it will prompt you to supply some basic registration details and opt in to the various terms, conditions and device permissions that COVIDSafe demands.
What if I’m on Android?
Fret not. The COVIDSafe app is available on both iOS and Android. You can download it through the Google Play Store.
Will running the COVIDSafe app drain my smartphone’s battery?
There’s nuance to be unraveled here but if you’re looking for an easy answer, then yes. It's only natural for a device running more apps in the background to burn through its battery faster than one running fewer apps in the background.
However, predicting or measuring what that additional burden on battery life looks like and then evaluating whether that cost is reasonable is an inevitably thorny question.
According to the COVIDSafe website, “Battery consumption on tested devices is only marginally greater with the app running.”
However, for obvious reasons, the impact that the COVIDSafe app will have on your battery life is going to vary based on the size of the battery inside your device, how old it is and whether or not you have any particularly draconian battery saving settings enabled.
So far, our testing found that having the COVIDSafe app running in the background had a minimal impact on our everyday battery life. Left to run in the background for hours on end, it appeared to consume less battery life than apps like Spotify, Google Photos and Instagram did in mere minutes of active use.
We’ll keep testing it but it appears that while the COVIDSafe app does have an impact on battery life, it is at least a minimal one.
Am I legally required to use COVIDSafe?
According to the website, the COVIDSafe app is entirely voluntary and cannot be used to enforce quarantine or isolation restrictions or any other laws.
What about my data? Is it being stored in a safe and secure way?
To begin with, let’s break down everything that the COVIDSafe app actually tracks:
The reference numbers of anyone you’ve encountered in the last 21 days and the details of these incidents. This covers contextual information such as date, time, proximity and duration of contact
App-related data like troubleshooting, performance and error logs
Important detail here: while the COVIDSafe app does require you to enable location tracking on Android, it doesn’t actually use or store that data. According to the website, the reason why is more administrative than anything else.
"Android/Google requires all apps that request access to Bluetooth® to also obtain location permission. As a result, COVIDSafe on Android asks for location permissions because they are needed for Bluetooth permissions."
All this collected data, including the reference numbers of everyone you’ve come into close contact with over the last 21 days, is stored locally on your device.
As per the COVIDSafe website, “This information is encrypted on your phone and cannot be accessed or viewed by anyone, including you."
It stays there until it’s 21 days old, at which point it is automatically deleted.
Now, the details you supply when registering for the COVIDSafe app (name, post-code, age and phone number) are also stored on a cloud-based and “highly secure information storage system” hosted in Australia.
This secondary storage location is also used to house any uploaded close contact information.
The way this works is that, if you are diagnosed with coronavirus, you'll be asked by a state or territory health official to upload the close contact information stored on your device to a cloud-based server.
This process is opt-in and, according to the COVIDSafe website, “If you change your mind after you've consented to upload your information to the secure information storage system, you can request for that information to be deleted.”
The COVIDSafe website says that this system is geo-locked and that the information stored within it cannot be taken out of Australia.
Access to the system is also said to be tightly controlled. As per the website, “State or territory health officials can only use information from the secure information storage system for the purposes of contacting people who may have been exposed to coronavirus.”
“It will be a criminal offence to use any app information in any other way. Other agencies, including law enforcement, will not be able to access the information unless investigating misuse of that information itself.”
“These provisions will be enshrined in legislation when Parliament returns in May.”
However, some within Australia’s IT industry have expressed doubts about how securely this data is being stored.
Specifically, they say that the app shares the phone's exact model in plaintext with other users and that this dataset is stored alongside the corresponding Unique ID.
“Although it may seem innocuous, the exact phone model of a person's contacts could be extremely revealing information. Suppose for example that a person wishes to understand whether another person whose phone they have access to has visited some particular mutual acquaintance. The controlling person could read the (plaintext) logs of COVIDSafe and detect whether the phone models matched their hypothesis. This becomes even easier if there are multiple people at the same meeting. This sort of group re-identification could be possible in any situation in which one person had control over another's phone. Although not very useful for suggesting a particular identity, it would be very valuable in confirming or refuting a theory of having met with a particular person.”
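As an added illustration (not code from the COVIDSafe app or its developers), the Python example below shows a local encounter log that keeps only the encounter details listed earlier, discards anything else a nearby device sends (such as a phone model), and enforces the rolling 21-day deletion. The field names, units and sample payloads are assumptions constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

RETENTION = timedelta(days=21)  # rolling window described in the article
# Only the encounter details the article lists; field names are assumed.
ALLOWED_FIELDS = ("ref_code", "seen_at", "proximity_m", "duration_min")


@dataclass(frozen=True)
class Encounter:
    ref_code: str       # opaque reference code received from the other device
    seen_at: datetime   # timezone-aware timestamp of the contact
    proximity_m: float  # assumed unit: metres
    duration_min: int   # assumed unit: minutes


def minimise(payload: dict) -> Encounter:
    """Keep only allow-listed fields; anything else (e.g. 'model') is dropped."""
    missing = [f for f in ALLOWED_FIELDS if f not in payload]
    if missing:
        raise ValueError(f"payload missing fields: {missing}")
    if payload["seen_at"].tzinfo is None:
        raise ValueError("seen_at must be timezone-aware")
    return Encounter(**{f: payload[f] for f in ALLOWED_FIELDS})


def purge(log: list, now: datetime) -> list:
    """Drop every record that is 21 days old or older at time 'now'."""
    return [e for e in log if now - e.seen_at < RETENTION]


# Constructed sample data, not real app traffic.
NOW = datetime(2020, 5, 10, 12, 0, tzinfo=timezone.utc)
SAMPLE_PAYLOADS = [
    {"ref_code": "ref-0001", "seen_at": NOW - timedelta(days=2),
     "proximity_m": 1.2, "duration_min": 17, "model": "ExamplePhone X1"},
    {"ref_code": "ref-0002", "seen_at": NOW - timedelta(days=21),
     "proximity_m": 0.8, "duration_min": 30, "model": "ExamplePhone Z9"},
    {"ref_code": "ref-0003", "seen_at": NOW - timedelta(days=20, hours=23),
     "proximity_m": 1.5, "duration_min": 16, "model": "ExamplePhone X1"},
]


def build_log(payloads: list, now: datetime) -> list:
    """Minimise each received payload, then enforce the retention window."""
    return purge([minimise(p) for p in payloads], now)
```

With the constructed payloads, the record that is exactly 21 days old is removed and no stored record carries a device model, so the stored log gives someone with access to the phone nothing to match against a known handset.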
How long does the COVIDSafe app hold onto my data?
From what we understand, the app holds onto any collected info for a rolling 21-day time period and deletes that encrypted data automatically.
In addition, “You can delete the app from your phone at any time. This will delete all the app information from your phone.”
The COVIDSafe website says that “any information contained on the secure information storage system will be completely deleted at the end of the pandemic.”
How can I tell if the app is running? Do I need to leave it open on my phone at all times?
If the COVIDSafe app is set up correctly, you should be able to see it in your device’s notification drawer. If it isn’t there, try resetting your device or reinstalling the COVIDSafe app.
The app also notifies iOS users if it detects it hasn’t been running for longer than 24 hours.
How much data does COVIDSafe use?
According to the COVIDSafe website, “The app uses less than 1MB of data per day. It does not need to be connected continuously to the Internet to work, but it does need to connect occasionally to retrieve new temporary IDs from the server.”
What problems does the app have?
In the days since it launched, a number of usability issues for the app have been discovered. Some of these make it difficult for certain users to sign up and use the app.
For example, you can only use Australian mobile phone numbers starting with '04' and containing 10 digits. This means that customers on international SIMs who are in Australia are currently unable to sign up.
Another issue is that Android and iOS users cannot download the app if their Google Play or Apple account is set to an overseas location. The app itself is also only available in English, which may affect uptake among Australians who don't speak it.
Does COVIDSafe work on iOS?
This is the other big topic of debate around the COVIDSafe app.
From the moment the app was launched, the Federal government has been pushing it as a pseudo-requirement for the journey back towards normality. Prime Minister Scott Morrison has compared the app to sunscreen and claimed that it is Australia's ticket to a COVID-safe Australia where we can go about doing the things we love doing once again.
Important pit stop on the road to talking about the app's iOS issues: this is not a good metaphor. Installing the COVIDSafe app on your phone won't directly protect you from the virus. It just makes it easier for health authorities to contain the spread in the event that you do end up infected.
Now, this messaging gets particularly muddled when we're talking about iPhones. The Android and iOS versions of the app may share a name and purpose but, as pieces of software go, they operate in fundamentally different ways.
During a recent COVIDSafe app teardown panel hosted by cybersecurity experts, MFractor creator Matthew Robbins said that compared to iOS, "Android simply doesn't have the same concerns."
On Google's platform, the COVIDSafe app's Bluetooth scanning is essentially added to a whitelist of services that automatically run in the background on your device. On Apple's platform, the app works entirely as intended for as long as it is in the foreground. If you swipe into another app or lock your device, COVIDSafe's access to the iPhone's Bluetooth receiver progressively declines.
Alternatively, if you open another app that relies on Bluetooth connectivity, that can also affect whether or not the COVIDSafe app actually performs as intended and correctly detects nearby app users. The way that the iPhone specifically prioritizes app access to things like Bluetooth connectivity and memory is seemingly at odds with the way that contact tracing apps are designed to work.
The above issues are important because even the loose and indirect definition of protection offered by the COVIDSafe app in its current form is better than a version of the app that doesn't work at all. iOS commands over 50% of the mobile market in Australia. Until these issues are resolved, that enormous slice of potential COVIDSafe installs might not be providing the contact tracing needed for the app to have any real value.
Thankfully, there looks to be something of a solution to these problems in the form of Google and Apple's new contact tracing APIs. After admitting to issues with the COVIDSafe app during a senate committee hearing, the government now says that they will look to investigate whether the new functionality announced by the Google and Apple partnership could prove beneficial for app performance.
How many users does the app need to be effective?
As of early May, the government claims that over 5 million Australians have downloaded the COVIDSafe app.
The Australian government has previously claimed that 40% adoption across the country - approximately 10 million people - is the target for success here. However, recent reports have called that number into question.
On the 6th of May, a representative from the Department of Health told a Senate Committee that they had "no advice" in relation to whether or not they were working towards a target number of installs for the app other than "the more, the better."