© Bundesregierung

The analytical results for each development milestone were reported to the developers regularly, including the feedback in their continued work.

The testing team analysed the software source code among other factors. “After our analysis, we are sure that the app is in really good shape in relation to security and data protection. In our analysis, we did not detect any severe security gaps or hints to secret back doors. The cooperation between SAP, Telekom and ATHENE collectively aimed to help citizens in the fight against the pandemic with a highly secure app,” says Michael Waidner, director of the National Research Center ATHENE and head of the Fraunhofer SIT. “We will continue to offer constructive support utilising our competencies in the topics of privacy and security in the live operation of the app and will carry on with our analyses.”

The conduct of security analyses serves as an important tool to ensure the security of software implementation in practice, even if it does not guarantee that the software is free from any vulnerabilities.