PC Pro - UK 2021-12)

@PCPRO FACEBOOK.COM/PCPRO BriefingPCProbe

Gottakeepitfederated
Onepointofconsensusacross
thevariousproposalsand
workinggroupslookingathealth
passesisthat anyfutureCovid
credentialssystemshouldbe
decentralised,withnocentral
databasecontainingthehealth
detailsoftravellers.
“There’s no onesaying
centralise- it doesn’tmake
anysensetocentraliseit,”said
CliveBourke, president of EMEA
forDaon.Hiscompanyisbehind
anapp calledVerifly,whichis
alreadybeingusedbyairlines
suchas BA andVirginto speedup
theCovidcredentialsprocesswhentravellingtoa limited
numberofdestinations.
UnderVerifly’splan,theactual certificatedetailing
anyjabsandtestsshouldremainonthepassenger’s
phone.Intheorythiswill protecttheirprivacyand,as
pertheGoodHealthPassprinciples, minimisetheamount
ofdata storedbyhealthauthorities.Crucially, it puts
control over whopersonalhealthdataisshared within
thehands of theindividual.
Tomakeitworksecurely, it wouldusethesame
publickeycryptographytechniquesthatarewidely
usedin computing.Thehealthauthority can“sign”a
passenger’shealthdatacertificateusingitsprivatekey,
andairlines,border controlandsooncanusethe
authority’spublickeytoverifythe digitalsignatureis
real,withoutrevealingtheunderlyingdata. In fact,
without theprivatekey– whichhealthauthoritieswould
keep,well,private–itwouldbemathematically
impossibletoreverse engineersomeone’shealthdata.
Italsomeansthatthesystem willworkoffline,
without theneedtopinghealthsystemserversevery
timea passengerisscanned.
However,fora federated systemsuch as thistowork,
countrieswillhavetoagreeonstandardsforstoringdata,
andagreetomutuallyrecogniseeachother’sdigital
signatures.Atthetimeofwriting,theEuropean
Commissionisinthemidstofa technical assessmentto
decidewhethertheUK’sdigitalsignatureswillbeallowed
tojointhecommonEurope-widesystemasa thirdparty.

Followingtherules
Evenif a mutuallyinteroperable,decentralisedsystem
isbuilt,therearestill technicalchallenges.Oneexample
iswiththe“rulesengine” thathealthcredentialswill
befedinto,whichdetermineswhethera passenger is
allowed to entera countryornot,andtherulestheymust
followon arrival.
Forexample,dependingon an individual’scombination
ofjabs,testsandthecountriestheyhavepassedthrough
enroute,theremaybedifferingrequirementstoconduct
furthertests,quarantineandsoon.
“Logically,itcanbedone,”saidWhitley, buthow
quicklytherulesenginecanbeupdatedcouldbe crucial.
“Itgetsreallycomplicatedbecausetherulesaboutwhat
youactuallyneedtodemonstratekeepchanging.”

Itgetscomplicated

becausetherulesabout

whatyouactuallyneed

todemonstratekeep

changing

ABOVEBigger

airlinesarealready

signinguptoproof

ofvaccinationapps

Insomecases,thecomputationallogicwhenmaking

decisionscouldgetincrediblyknotty.Whitleythinksa

particularlyinterestingexampleofthiscouldbewhenour

firstroundofvaccinesexpireandcountriesbeginto

introduceboostershots.

“YoucomefromIsrael, you’ve hadtwojabs,butnot

yourbooster. It’snowseven months sinceyoursecond

jab.Isthebusinesslogicyou’vebeendoublejabbed,sowe

letyou in?Oristhebusinesslogicthatyourcountrysays

untilyou’vehadtheboosteryouarenolongerbeingsafe

domestically,soperhapsnotbeing safeinternationally?”

There’salsotheissueofensuringthehealthcredentials

arereallythose of thepersoncarryingthem.Oneproposed

solutionisthathealth passesshouldincludea biometric

“hash”of theowner’sfacesothatfacialrecognition

technologycanverifyit.

Andthenthere’sthematterofprivateandpublic

keys.Ifthesystemisbuiltwithexpirydates,itwouldbe

goodfordigitalsecurity,butcouldmeanthattravellers

whohaveprintedtheirQRcode

outonpaperfind themselvesstuck

onarrivalattheborder.

Waitingfordeparture

Despitethecomplexities,there

isoptimism– andarguably

necessity– thata systemwill

eventuallybebuilt. Thereason

thatsuch a systemisnotyetin

placearoundtheworld is,someargue,politics.

“Ithinkthatthetechnologyexiststoenableus to do

this,”saidInnes.“There’squitea lotofhardworktodoto

aligncountriesonthetechnicaldetailsofwhosesystem

theywillrecogniseandwhat solutions they’repreparedto

usetoguaranteethat validityoftheinformationbeing

providedbyanothercountry’shealthcertificate.”

“Iwould sayit’sprobablya yearaway,”saidBourke,

whobelievesthatitisn’tstandardsthatareslowingthe

development of asystemdown,butotherchallenges

airlines arehavingtodealwith,notleastthedebtburden

they’vetakenon,aswellasotherITcomplexities.

“Iftherewaspoliticalwillthere,I don’tsee whyyou

couldn’tsetthisupina matterofmonths,”saidInnes.“I

don’tthinkit’sa technological problem.It’sa political

governanceproblem.”