A note from the /e/OS Development team

  • The contact tracing application is not required by /e/ OS to operate and can be easily removed by users at their discretion.
  • /e/OS doesn’t store any data generated by the app or the Exposure Notifications API
  • This feature is provided to /e/OS users willing to use a Covid-19 Government specified contract tracing application.

Purpose of this guide

The Exposure Notifications API is required for the smartphone to interact with the covid-19 tracking applications used in your country.

  • The API is disabled by default
  • The implementation requires direct intervention by the user to be activated. This includes
    • Installing the API
    • Installing applications specific to your country
    • Enabling the API when asked This document will share the steps required to activate the framework on the /e/ OS
Warning: Not all covid tracing apps require the Exposure Notifications API to function. For example, the TousAntiCovi app of France does not require the Exposure Notifications API. Check the app specific to your country works on the /e/OS, before enabling the API

How does the Covid-19 contact tracing work?

The COVID-19 contact tracing is done through the Exposure Notifications API. The API has the below four features

  • Bluetooth Advertising : Your phone broadcasts a Rolling Proximity Identifier (RPI) via Bluetooth. Every ten minutes, a new RPI is published, to make it impossible to track you. The RPIs are derived from a private key that is generated randomly once per day by your device. This derivation cryptographically guarantees that RPIs can not be linked to each other, except if you shared the private key.
  • Bluetooth Scanning : About every 5 minutes your phone scans for nearby Bluetooth devices that broadcast RPIs and stores the RPI together with a timestamp in a local database.
  • Key Sharing : When you have been tested positive for COVID-19, you can ask your phone to share your private keys of the last 14 days with the COVID-19 contact tracing app. Only with this private key is it possible for others to see if they’ve been in contact with you for more than 10 minutes. The implementation of microG will make sure that this key sharing does not happen without explicit user consent.
  • Risk calculation : Based on the list of private keys shared by the companion app and the list of RPIs collected in the last 14 days, your phone checks if you have been in close contact with a person that reportedly was tested positive. Your phone computes a total risk score and provides information on the date and time, contact length, and signal strength of the exposure to the companion app. The companion app will not learn which keys or people were in close contact, neither will it get any insights on where the contact happened.

microG offer the only open source implementation of this API.

Steps to install Exposure Notifications API on /e/OS

  • Open Apps
  • Go to Categories » System apps » microG Exposure Notifications version

  • Press the install button and install the microG Exposure Notifications version on top of the existing microG installation on your /e/ ROM.

  • The installation will show up as Exposure Notifications in the microG Settings

  • Download and install your country specific contact tracing app from Apps. When you will open the app, it will ask you to enable the API.

Here we will use the example of the Covid Radar app (from Spain)

  • After the installation of the application, tap to open it on the phone

  • This will display a pop up asking permissions to
    • Enable Bluetooth
    • Enable activation of the Exposure Notifications API
  • Choose ok for both these pop ups
  • Now your app which in our example was Covid Radar will start working.
  • The Exposure Notifications API will also be enabled at this stage as you can see in this screenshot

How to disable the app or the framework?

You can easily disable the COVID-19 contact tracing from your /e/ OS. All that you need to do is..

  • Uninstall the contact tracing application you downloaded
  • Disable Exposure Notifications API from Settings > System > microG > Exposure Notifications

In addition, it’s also possible to uninstall the microG Exposure Notifications version. To achieve that, kindly go into Settings > Apps & notifications > microG Services Core, and then tap on the 3 dots button at top right and choose Uninstall updates.

Stay healthy! Stay safe!!