Responding to the privacy concerns by renowned tech experts in the country, Niti Aayog, in a landmark move, has open-sourced the code of Arogya Setu App, an app developed by the Government Of India to track and monitor the happenings related to Covid-19 pandemic. The app was launched in April 2020 after the outbreak of the pandemic. Due to spectacular features, Arogya Setu has gained phenomenal success with more than 11 crore subscribers in just 41 days.
As per the sources, the Aayog has open-sourced the code for the Android platform at the moment. At present, the majority of the app users belongs to this app platform. However, the Aayog has declared that it will do the same for iOS and KaiOS versions in some time. The required proceedings are continuing in the meanwhile.
At present, the source code of Arogya Setu app has been put live on GitHub. According to the sources at the National Informatics Center (NIC), it will open up the scope for tech researchers to find out the flaws in the app. This happens mostly by the fact that NIC has announced the bug bounty program just to invite the experts with their views to make the app more functional as well as versatile so that it could serve more people with the right information.
Welcoming the decision of Niti Aayog and NIC, Ms. Mishi Chaudhury, the executive at SFLC.in, said, “ As a provider of legal services to the clients, we welcome this decision as it aims at making the app more trustworthy.” “We would put closer attention in the developments so that we could track that all the codes are open sources and users must get the right information and services from it as they anticipate,” added Ms. Chaudhury.
As a result of the bug bounty program for the coveted Government of India app, it is sure to get constructive ideas so that it would get the correct documentation. The NIC is putting the closest attention to ensure that the app serves only 100% authentic information only. Due to the versatility as well as the authenticity of the app, the government is likely to make it 100% mandatory for air travelers. The agency recommends that the government should make it necessary for the security personnel to examine their mobile handset as a part of their operations while they scrutinize the passengers before allowing them to board the airplane.
The reports say that the professionals at MyGov team are all set to do the needful to encourage serious-minded professionals to find the bugs and suggest their views to protect the app from all issues related to illegal hacking. The agency even proposes a bounty of worth INR 1 lakh for those who would do an excellent job to find the vulnerabilities in Arogya Setu App.
At Indian School of Ethical Hacking (ISOEH), we appreciate the initiatives that could make the Arogya Setu app more powerful than ever. If you wish to try your luck on finding the vulnerabilities in any mobile app, you may try out our App penetration testing courses here - Android Application Penetration Testing & Comprehensive iOS Penetration Testing.
Happy Bug Bounty!!