The Koronavilkku app, which tracks corona infection chains, has been downloaded 1.4 million times by Wednesday morning.
The matter is confirmed to IS Digitoday by Aleksi Yrttiaho, THL's Director of Information Management.
The app was released on Monday morning.
It broke the one-million-dollar limit on Tuesday morning at eight.
By yesterday, it had not yet been reported that unlocking health-related unlock codes had been entered into the application.
THL had no new information on the matter on Wednesday after noon.
The application also circulates incorrect information.
IS Digitoday has been contacted with concern regarding the application storing users' phone numbers.
This is stated, for example, in Yle's news, which states that "the background system stores, among other things, the telephone numbers of users and the unidentified identification data of the persons who reported their infection".
Both THL and Solita, who made the app, refute the information.
- Phone numbers are processed when a healthcare professional can send an unlock code via SMS.
The data will not be stored any more, Yrttiaho says.
Solita clarifies that the number is used in situations where the user of the application has received a positive test result confirmed by healthcare and wants to notify others with an unlock code entered into the application.
- The background system needs a phone number to send the unlock code as a text message to the user.
The number will not be stored, Solita's technology expert Sami Köykkä assures.
The healthcare professional enters the phone number into the system that generates the unlock code.
Entering the number is not mandatory, as the unlock code can also be obtained orally as told by a professional.
Also read: Why does Koronavilkku require phone location if it does not track its users?
Here's the reason
The Corona Flasher app collects anonymized user IDs, which are random numbers that change every 15 minutes.
In addition, the application collects the identifiers of the users who reported the infection and the information received from other users about possible exposure.
Only the identifiers of the user who reported the infection are stored in the background system.
The back-end system controlled by Kela will destroy the data within 21 days of its registration.