Wide-ranging security flaws have been flagged in the NHS's contact-tracing app being piloted in the Isle of Wight.
Security researchers involved argue that the problems pose risks to users' privacy and could be abused to prevent contagion alerts being sent.
GCHQ's National Cyber Security Centre told the BBC it was already aware of most of the issues raised and is in the process of addressing them.
But the researchers suggest a more fundamental rethink is required.
They suggest the NHS considers shifting from its current "centralised" model - where contact-matching happens on a computer server - to a "decentralised" version - where the matching instead happens on people's phones. [source: BBC]