3 pillars of effective digital vaccine passports
By providing a secure and easy-to-use digital mechanism for verifying vaccination status, governments can build a secure and trusted foundation for future digital health care initiatives.
With COVID-19 variants still making their way around the world, organizations are exploring the benefits of digital vaccine passports. They’ve been rolled out in Europe, the Middle East and Africa and are starting to be utilized in the U.S., but many consumers are concerned about their security. As a result, adoption rates are limited because, after all, without trust in the security and functionality of digital passports, citizens are less likely to share their sensitive personal information.
As city and state governments begin to roll out digital passports, security must be at the forefront to build trust and ensure widespread adoption. This is particularly important after the lack of security and privacy associated with contact tracing apps led to much lower adoption than governments had wanted.
The key risks jurisdictions face with digital passports include spoofing of records, leaking of private information and other security breaches that impact both citizens and governments. Frictionless adoption by citizens and venues, therefore, requires adhering to security and privacy best practices.
Since security is so vital for ensuring a smooth digital vaccine passport rollout, here are three crucial areas governments should focus on:
1. Secure infrastructure. When implementing digital passports, governments should strive to collect only the minimum information necessary to effectively identify individuals and validate their vaccination status. Personal information should only be accessible through an authentication and authorization mechanism that adequately secures this data from unwanted third parties.
More importantly, governments should implement strong encryption to further protect this personal information. This includes encrypting data stored on the backend server and data in transit to and from the mobile clients. A secure backend server is also required for a digital vaccine passport system.
2. Protected mobile apps. While citizens will likely need to provide medical records to governments to set up their digital passports, they shouldn’t need to share personal health information on an ongoing basis. By using a digital certificate, like a QR code, mobile passport apps can enable citizens to prove their vaccination status without revealing any medical records.
Additionally, governments should ensure these digital certificates are only accessible to users who log in so the data can’t be compromised if mobile devices are lost or stolen. The best approach is to leverage the phone’s built-in authentication, such as thumbprints or other biometric options, enabling individuals to pull up their digital vaccine certificates securely.
These minimalist mobile apps can be made secure by design and should, of course, encrypt any signatures or keys required to securely communicate with the backend server. But that doesn’t mean that there are no concerns about reverse engineering. Even if these mobile apps do not have access to much sensitive data themselves, they remain an endpoint in the communications channel with government servers and could be exploited to conduct denial-of-service attacks. Additionally, depending on the digital certificates’ encryption, the apps may contain material that could be used to create spoofed certificates. For these reasons, it is a good idea to use code obfuscation and runtime application self-protection to prevent reverse engineering and tampering.
3. Reliable proof of identity. The final pillar of security is requiring adequate proof of identity. If governments aren’t carefully authenticating citizens using drivers’ licenses, passports or another credible form of identification, it’s easy for individuals to circumvent the entire system. Preventing vaccine passport spoofing requires a reliable way for tying an individual's authenticated identity to a valid digital certificate.
For this reason, venues should verify individuals using a physical proof of identity when they scan the digital certificate to validate a vaccination status. Once individuals are authenticated, the digital passport apps should only present a verifiable QR code, and the venue only has to confirm that it corresponds to the provided physical proof of identity. Bottom line: There’s no need to make any other health information available when verifying the vaccination status of citizens.
Putting security first
With more complex problems on the horizon, such as how to handle the verification of booster shots and multiple vaccines, it’s crucial that governments get the initial rollout of digital passports right. The best way to build safe and reliable digital passports is to start with security in mind.
Digital health care presents a number of challenges for governments and businesses, but digital vaccine passports are a much simpler problem to solve. By providing a secure and easy-to-use digital mechanism for verification of vaccination status, governments can accelerate the re-opening of the economy and build a secure and trusted foundation for further digital health care initiatives in the future.