Corona-Warn-App Open Source Project
Help us improve the Corona-Warn-App
The Corona-Warn-App is an app that helps trace infection chains of SARS-CoV-2 (which can cause COVID-19) in Germany. The app is based on technologies with a decentralized approach and notifies users if they have been exposed to SARS-CoV-2. Transparency is key to both protect the app's end-users and to encourage adoption.
This is how the app works best
The RKI as the publisher of the app and the Federal Ministry of Health, in co-operation with Deutsche Telekom and SAP, are constantly reviewing possible further developments as well as incoming development proposals. This also includes whether further information can be integrated into the app, for example on the latest pandemic situation. For that purpose we will continue to intensively incorporate the information that we receive via the various channels into our development process. Here we have briefly summarized the most important tips for using the app:
- Download the current version of the app (iOS: 2.22.1 or Android: 2.22.1)
- Keep operating systems up-to-date (iOS 15.5 or iOS 12.5.5 depending on your iPhone model or at least Android 6 with current Google Play services)
- Keep background updates switched on and check them regularly
- To be on the safe side, open the app once a day
We recommend that you always ensure an adequate power supply.
You can find further information under Frequently Asked Questions about the Corona-Warn-App.
Data privacy and security
Open source approach
Power of the community
The power of the community increases security and data privacy protection by detecting issues early and helping to solve them.
Data Privacy and Safety
You are in control
You have full control over your data, you decide for which purposes your data is used. In the app, you define the functions and purposes you want your data to be used for and with whom the app is allowed to share your data. Unless you consent, the app will not transfer any data to third parties. And if you later change your mind, you can change your settings in the app any time.
Data Privacy document
Details are outlined in the privacy notice of the Robert Koch Institute. Additional insights are available in the Data Protection Impact Assessment (German only), the Legal Notice for iOS and Android (German only, find English version in app) and the corresponding annexes 1a, 1b, 1c, 2, 3, 4, 5, 6, 7 and 8. Past versions of the respective privacy notice and the initial Data Protection Impact assessment are still available.
Part of design
It is part of the design process to ensure for each step that the app processes a minimum of required personal data that is handled with maximum protection.
Open and transparent
No security through obscurity: we follow an open and transparent approach.
Secure Software Development Lifecycle
Security assurance of application development through Secure Software Development Lifecycle, which includes among other things threat modeling and end-to-end risk assessment, security planning, security testing and penetration testing.
Hosting conform to BSI C5, SOC 2 and SOC1/ISAE 3402.