Our end-to-end technology solution includes three components: a user-facing mobile app, a web-based administrative portal, and server-based verification and key management. Implementation support is provided by our services team.
Our app was one of the first exposure notification apps built using the GAEN APIs to be piloted in the United States and we continue to collaborate with Apple and Google to ensure our app meets their joint requirements including interoperability between Android and iOS devices. GAEN is quickly becoming the “gold standard” in many countries for the development of privacy-preserving, de-centralized COVID-19 apps which we are committed to maintaining.
The mobile app interface can be customized with branding specific to your region, community, and the public health authority responsible for combating COVID-19. The code is open source.
The web-based Portal enables public health officials to perform administrative functions concerning:
The Portal is integrated regionally so that app users receive relevant local health advisories.
The server-side functions of the WeHealth Platform are split over two distinct server components: the Verification Server and the Key Server. These are independent, open-source projects currently developed and maintained by Google as part of their larger contribution to the GAEN ecosystem.
WeHealth hosts its own instances of the Verification Server and Key Server as part of our overall product offering, integrated with the App and the Portal. Our platform is fully compatible with APHL national key servers and verification servers.
It provides and validates cryptographically secure numeric codes intended for verifying diagnoses. The Covid Watch Portal accesses this Verification Server to provision verification codes to authorized public health officials (i.e. case investigators, clinicians or other health professionals), who then distribute them to individuals for entry into the Covid Watch app. The app communicates directly with the Verification Server to validate the authenticity and expiration status of a code, and to exchange it for a certificate allowing secure transmission of a contact exposure key to the Key Server.
It is a separate piece of infrastructure with which the App communicates directly. It allows uploading of the temporary exposure key data which the App shares via Bluetooth during the period surrounding a verified positive diagnosis (and authorized by a valid code from the Verification Server). The Key Server also packages and signs all newly uploaded key data each day and makes it available for download by the App user. This allows the App to compare exposure keys to key data that the App previously captured to determine if the user had a potential exposure–which would result in a local Exposure Notification.