COVIDSafe Explained: Everything You Need To Know About the Australian Government's Coronavirus App

Credit: COVIDSafe

The Australian government is trying to slow and stop the spread of COVID-19 through a new app called COVIDSafe. Here’s everything you need to know the app.

How does the app work?

The broad-strokes idea here is to use the Bluetooth capabilities of your smartphone to mimic and track the potential vectors through which coronavirus can spread.

If you spend more than 15 minutes within "close contact" (approximately 1.5-meters) of another person running the app, both devices will exchange and log an ‘encrypted reference code’ that records the incident. Then, if you end up contracting the virus and end up reporting it through the app, that contact data is made accessible to state and federal territory health officials and contact tracing teams so that they can inform anyone you may have had close contact with in the prior 21 that they may be at risk.

How do I download the app?

The COVIDSafe app can be downloaded through the iOS App Store and Google Play Store.

Android users will need a device that runs on Android 6.0 (Marshmallow) or higher while iPhone users will need to be running iOS 10 or higher. 

How long does it take to set up?

Setting up the COVIDSafe app only takes a few minutes. You will need a stable internet or mobile broadband connection but the download shouldn't take long. The app itself is only a handful of megabytes in size.

Once you've installed the app, launching it will prompt you to supply some basic registration details and opt-in to the various terms, conditions and device permissions that COVIDSafe demands. 

What if I’m on Android?

Fret not. The COVIDSafe app is available on both iOS and Android. You can download it through the Google Play Store here.

Will running the COVIDSafe app drain my smartphone’s battery?

There’s nuance to be unraveled here but if you’re looking for an easy answer, then yes. It's only natural for a device running more apps in the background to burn through its battery life faster than one running less apps in the background.

However, predicting or measuring what that additional burden on battery life looks like and then evaluating whether that cost is reasonable is an inevitably thorny question.

According to the COVIDSafe website, “Battery consumption on tested devices is only marginally greater with the app running.”

Back in April, Chief Information Officer at the Department of Health Daniel Keys, told the ABC that "it's only a marginal increase on the battery drain of the phone, and if you're not it's obviously equivalent to an application that uses Bluetooth, or an equivalent application such as Spotify or something that connects to your car."

However, for obvious reasons, the impact that the COVIDSafe app will have on your battery life is going to vary based on the size of the battery inside your device, how old it is and whether or not you have any particular draconian battery saving settings enabled. 

Credit: ID 177976713 © Arne9001 |

So far, our testing found that having the COVID-Safe app running in the background had a minimal impact on our everyday battery life. Left to run in the background for hours on end, it appeared to consume less battery life than apps like Spotify, Google Photos and Instagram did over the same period of time.

We’ll keep testing it but it appears that while the COVIDSafe app does have an impact on battery life, it is at least a minimal one. 

Am I legally required to use COVIDSafe?

According to the website, the COVIDSafe app is entirely voluntary and that the app cannot be used to enforce quarantine or isolation restrictions or any other laws. It is not against the law or illegal to not use the app.

However, some businesses may ask you to use the app as a condition of entry as per state-level regulations, such as NSW COVID Safe. For more on this, click here.

What about my data? Is it being stored in a safe and secure way?

To begin with, let’s break down everything that the COVIDSafe app actually tracks:

  • Your name

  • Your age

  • Your postcode

  • The reference numbers of anyone you’ve encountered in the last 21 days and the details of these incidents. This covers contextual information such as date, time, proximity and duration of contact

  • App-related data like troubleshooting, performance and error logs

Important detail here: while the COVIDSafe app does require you to enable location tracking on Android, it doesn’t actually use or store that data. According to the website, the reason why is more administrative than anything else.

"Android/Google requires all apps that request access to Bluetooth to also obtain location permission. As a result, COVIDSafe on Android asks for location permissions because they are needed for Bluetooth permissions."

All this collected data, including the reference numbers of everyone you’ve come into close contact with over the last 21 days, is stored locally on your device.

As per the COVIDSafe website, “This information is encrypted on your phone and cannot be accessed or viewed by anyone, including you."

It stays there until it’s 21 days old, at which point they are automatically deleted. 

Now, the details you supply when registering for the COVIDSafe - name, post-code, age and phone number - are also stored on a cloud-based and “highly secure information storage system” hosted in Australia. 

This secondary storage location is also used to house any uploaded close contact information. 

The way this works is that, if you are diagnosed with coronavirus, you'll be asked by a state or territory health official to upload the close contact information stored on your device to a cloud-based server.

Credit: COVIDSafe

This process is opt-in and, according to the COVIDSafe website, “If you change your mind after you've consented to upload your information to the secure information storage system, you can request for that information to be deleted.”

The COVIDSafe website says that this system is geo-locked and that the information stored within it cannot be taken out of Australia.

Access to the system is also said to be tightly controlled. As per the website, “State or territory health officials can only use information from the secure information storage system for the purposes of contacting people who may have been exposed to coronavirus.”

“It will be a criminal offence to use any app information in any other way. Other agencies, including law enforcement, will not be able to access the information unless investigating misuse of that information itself.”

There provisions were passed via the Privacy Amendment (Public Health Contact Information) Bill in May 2020. However, some within Australia’s IT industry have expressed doubts about how securely this data is being stored.

Around the same time that the app launched, a blog post on Github by Chris Culnane, Eleanor McMurtry, Robert Merkel and Vanessa Teague circulating claiming that “It is not true that all the data shared and stored by COVIDSafe is encrypted."

Specifically, they noted that the app shares the phone's exact model in plaintext with other users and that this dataset is stored alongside the corresponding Unique ID. 

“Although it may seem innocuous, the exact phone model of a person's contacts could be extremely revealing information.”

Thankfully, in the months since, it appears that many of these smaller technical and privacy-related issues have been addressed.

How long does the COVIDSafe app hold onto my data?

From what we understand, the app holds onto any collected info for a rolling 21-day time period and deletes that encrypted data automatically.

In addition, “You can delete the app from your phone at any time. This will delete all the app information from your phone.”

The COVIDSafe website says that “ any information contained on the secure information storage system will be completely deleted at the end of the pandemic.”

How can I tell if the app is running? Do I need to leave it open on my phone at all times?

If the COVIDSafe app is set up correctly, you should be able to see it in your device’s notification drawer. If it isn’t there, try resetting your device or reinstalling the COVIDSafe app. 

The app also notifies iOS users if it detects it hasn’t been running for longer  than 24 hours. 

How much data does COVIDSafe use?

According to the COVIDSafe website, “The app uses less than 1MB of data per day. It does not need to be connected continuously to the Internet to work, but it does need to connect occasionally to retrieve new temporary IDs from the server.”

What problems does the app have?

In the days since it launched, a number of usability issues for the app have been discovered. Some of these make it difficult for certain users to sign up and use the app. 

For example, You can only use Australian mobile phone numbers starting with '04' and containing 10 digits. This means that customers on international SIMs currently in Australia are currently unable to sign up. 

Another issue is that Android and iOS users cannot download the app if their Google Play or Apple account is set to an overseas location. The app itself is also only available in English, which may affect uptake among Australians who don't speak it.

Does COVIDSafe work on iOS?

This is the other big point of debate around the COVIDsafe app.

From the moment the app was launched, the Federal government have been pushing it as a pseudo-requirement for the journey back towards normality. Prime Minister Scott Morrison has compared the app to sunscreen and claimed that it is Australia's ticket to a COVID-safe Australia where we can go about doing the things we love doing once again."

An important pit stop on the road to talking about the app's iOS issues: this is not a good metaphor. Installing the CovidSafe app on your phone won't directly protect you from the virus. It just makes it easier for health authorities to contain the spread in the event that you do end up infected. It's not really like sunscreen at all.

Now, this messaging gets particularly muddled when we're talking about iPhones. The Android and iOS versions of the app may share a name and purpose but, as pieces of software go, they operate in fundamentally different ways.

During a recent COVIDSafe app teardown panel hosted by cybersecurity experts, MFractor creator Matthew Robbins said that compared to iOS, "Android simply doesn't have the same concerns."

On Google's platform, the COVIDSafe app's Bluetooth scanning is essentially added to a whitelist of services that automatically run in the background on your device. On Apple's platform, the app entirely works as intended for as long as it is in the foreground. If you swipe into another app or lock your device, COVIDSafe's access to the iPhone's Bluetooth receiver progressively declines.

Alternatively, if you open another app that relies on Bluetooth connectivity, that can also affect whether or not the COVIDSafe app actually performs as intended and correctly detects nearby app users. The way that the iPhone specifically prioritizes app access to things like Bluetooth connectivity and memory is seemingly at odds with the way that contact tracing apps are designed to work.

The above issues are important because, even the loose and indirect definition of protection offered by the COVIDSafe app as it is is better than a version of the app that doesn't work at all. iOS commands over 50% of the mobile market in Australia. Until these issues are resolved, that enormous slice of of potential COVIDSafe installs might not be providing the contact tracing needed for the app to have any real value.

A report by The Guardian claimed that the app was only working 27% of the time on some Apple devices.

After admitting to issues with the COVIDSafe app during a senate committee hearing, the government said that they will look to investigate whether the new contact tracing APIs announced by Google and Apple could prove beneficial for the app performance. To date, this has not happened.

How many users does the app need to be effective?

As of early May, the government claims that over 5 million Australians have downloaded the COVIDSafe app.

The Australian government has previously claimed that 40% adoption across the country - approximately 10 million people - is the target for success here. However, recent reports have called that number into question.

On the 6th of May, a representative from the Department of health told a Senate Committee that they had "no advice"' in relation to whether or not they were working towards a target number of installs for the app other than "the more, the better."

As of October, the ABC reported that "Registrations have slowed at a little over 7 million and now it barely sneaks into Australia's top 200 free apps."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags coronavirusCOVIDSafe

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Fergus Halliday
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Cate Bacon

Aruba Instant On AP11D

The strength of the Aruba Instant On AP11D is that the design and feature set support the modern, flexible, and mobile way of working.

Dr Prabigya Shiwakoti

Aruba Instant On AP11D

Aruba backs the AP11D up with a two-year warranty and 24/7 phone support.

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers


This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang


It really doesn’t get more “gaming laptop” than this.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?