Glossary

We use the terms defined in this glossary. When used, a term is preceded with a ▹, Capitalized and linked to its definition.

Anonymity
A situtation in which an App User is non-identifiable, unreachable, and untrackable.
API
An Application Programming Interface
App
All aspects of an information/communication system built or used to help fight the pandemic.
App Creator
An individual or entity who contributes to developing, operating or funding an App.
App Developer
An individual or entity who contributes to writing, integrating or testing code for an App; who may create user experience, design, branding etc.
App Funder
The entity that has commissioned, funded, encouraged the use of, or required the use of an App for a certain set of App Users.
App Instance
The particular instance of the App, or a component of the App, that is running for a particular App User.
App Operator
An individual who helps running some aspect of an App on a day-to-day basis.
App User
An individual of the general public who uses, or considers using an App.
App User Onboarding
The process by which an App User can start using an App.
Architecture
The overall design and structure of the App.
Attack
An attempt, successful or not, to use any aspect of the App for a nefarious purpose.
Attacker
An individual or entity that attempts, or succeeds, to perform an Attack.
Audit
An examination of all aspects of an App's development, operation and governance by an independent, trustworthy entity with full cooperation by the App Creators.
Audit Trail
A log that records all events that occurred with respect to a particular App or App Component.
Backup
The copying of data for the purpose of being able to restore the original when a data loss event occurs.
Bluetooth Low Energy (BLE)
A wireless short-range computer networking technology.
Care Provider
An physician, nurse or other medical care provider.
Cloud Component
A component of the App's software that runs on a server not under control of the App User.
Contact ID
The identifier(s) assigned to Exposure Contacts for the purposes of contact tracing.
Data At Rest
Data that is stored physically for some period of time in some location.
Data In Motion
Data that is in the process of being transmitted from one place to another.
Data Poisoning
An Attack in which the Attacker submits intentionally false data.
Data Retention Period
The period of time during which data is stored before it is deleted.
Dead Code
Code in the App that does not get executed.
Debug Code
Code in the App that is only helpful during programming.
Exposure Contact
A person who has been exposed to another person and should be recorded as a contact for the purposes of contact tracing.
Federation
Several Apps with similar goals communicating with each other.
Firebase
A software development platform and online service operated by Google.
FIXME
A marker for our own internal purposes that a section of this site needs more work.
FOSS
Free and Open-Source Software
Inference
A statement about any aspect of an App by a third party, based on available public information.
Insider Attack
An Attack where the Attacker is part of the team responsible for keeping the attacked system safe
IP Address
A unique identifier for each networked device on the internet.
MAC Address
A unique identifier for hardware of common wireless communication protocols.
Peer Communication
Communications between smartphones without the involvement of a third party.
Personally Identifiable Information
All information that is related to an identifiable person.
Privacy Impact Assessment
A process which enables organizations to identify and reduce the privacy risks from technology.
Privacy Policy
A published statement that discloses how an entity manages personal data.
Production
The deployment of code for real users, as opposed to for testing or development.
Pseudonymity
A situtation in which an App User is trackable but not identifiable.
Public Health System
All governmental and non-governmental entities involved in public health related to the pandemic.
Re-identification
A mechanism by which a previously anonymous or pseudonymous App User can be identified with high certainty.
Replay Attack
An Attack where an Attacker repeats a legitimate data transmission.
Reproducible Build
A method to prove that a compiled or downloaded App was built from a certain version/configuration of source code.
Role
The function of a particular individual with respect to an App.
RSSI
A measure of the strength of a received wireless signal.
Secure hash
A cryptographic function that is practically impossible to reverse
Self-assertion
A statement about any aspect of an App by its App Creator.
Service Provider
Any person or entity that provides a service to the App Creators, such as a cloud platform provider, third-party analytics provider, security monitoring service, and the like.
Smartphone Component
The component of the App's software that runs on an App User's mobile phone.
Spoofing Attack
An Attack where an Attacker invents a data transmission supposedly coming from somewhere else.
State Machine
A technical diagram to show the behavior of a system graphically.
Web Service
A software system that can be used over the internet by other software.