key: cord-0684039-t8f3nqel authors: Davidson, Stephen title: The world wants to reopen: will vaccine passes be the key? date: 2021-06-30 journal: Biometric Technology Today DOI: 10.1016/s0969-4765(21)00070-9 sha: ffeda348e24cffc27f82cd0249f343790c1bbc12 doc_id: 684039 cord_uid: t8f3nqel

Covid-19 has halted many things we once thought of as normal. At the beginning of the pandemic, countries quickly closed down their borders in an attempt to staunch the free flow of infections. Given the limited information about the virus at the time, these restrictions were a natural response; after all, health authorities could often trace initial infections in a country back to a handful of international travellers. As the pandemic raged on, borders opened up here and there but international travel remained severely restricted. As a result, the travel and hospitality industries have suffered significantly, as have countries that rely on seasonal tourism to prop up their economies. In 2019, tourism accounted for around 12% of Spain's economy; by 2020, it was only 4% - two-thirds smaller. The pandemic is now turning a corner and vaccination programmes are advancing in most countries. Normality might still be a long way off, but by suppressing the spread of SARS-CoV-2, mass immunisation is a critical step in the journey back to ordinary life. But while the world wants to reopen, it needs a way to do that safely, without triggering new waves of variant infections. Vaccine passes, secured by biometrics, have the potential to unlock international travel once again. Many people and organisations are counting on just that, not least airlines, travel agents, the hospitality industry and weary global citizens, hoping perhaps for their first holiday in two years. But as these vaccine or health pass schemes begin in earnest, fuelled by huge demand from the public and the global economy, there are many questions still to answer.
The route back to normality is not yet clear - and the development choices that are made now will be critical. It is important to remember that vaccine passes are not new: the status quo is the World Health Organisation's (WHO) 'Carte Jaune', or Yellow Card, which has been used since the 1930s. Standardised internationally, the Yellow Card is a booklet that your doctor can sign whenever you have a vaccination. It's simple, contains just the required information and is under the control of the individual to show to relevant authorities, such as border officers. Many commentators therefore believe that the best course of action now is to find a way to update the Carte Jaune with modern biometric protections against counterfeiting. This is not a passport aimed at restrictions, it is a Covid-era portable and limited medical record. The development of such updated vaccine passes is well underway, with the same creativity that was seen in the initial pandemic response, leading to a process where regional and international norms will become established for these passes. Individual countries and political blocs are going through their own processes [1]. Israel, for example, which vaccinated its admittedly small population at breakneck speed, already has a 'Green Pass' system in place for domestic activities and has proposed using the same pass to open international travel to certain countries. The African Union Commission is also developing a scheme so that citizens can verify their status to authorities. The Commission intends to extend this to vaccinations, though there is some scepticism. John Nkengasong, head of the Africa Centres for Disease Control and Prevention, told the press [2] in April that: "Our position is very simple. That any imposition of a vaccination passport will create huge inequities and will further exacerbate them."
The US Government, meanwhile, has stated that it will not create a central immunisation record system and is instead leaving it to individual states and the private sector to create their own. On 6 April, White House press secretary Jen Psaki said [3]: "Our interest is very simple from the federal government, which is that Americans' privacy and rights should be protected, and so that these systems are not used against people unfairly." State governments in Texas, Florida, Arizona and Utah [4] have banned vaccine passes on the basis that they would violate the privacy and freedom of individual citizens. Meanwhile, New York State has partnered with IBM to provide blockchain-based vaccine passes that allow people to attend large events. Even communities as small as Bermuda are rolling out vaccine passes in an attempt to restore tourism and social life on the island [5]. The UK Government also began using vaccine passports from 17 May, despite some privacy groups and lawmakers saying that this "divisive and discriminatory" scheme would violate privacy and create a two-tiered society [6]. However, it seems the European Union is offering one of the most promising options globally. After several months of debate about the viability of such a scheme, the European Commission presented its proposals in mid-March, with the intention of unlocking freedom of movement across Europe [7]. It would allow European citizens to once again travel freely across the continent, carrying a QR code certificate that asserts their Covid-19 status.
These passes, dubbed the 'EU Covid-19 Certificate', would include a minimum amount of information to securely verify the holder's vaccination details, test result or recovery status. This EU certificate might be the most promising proposal so far, partly because it aims to do something that many current schemes do not: to unlock cross-border travel. In doing so, it could set international standards for such passes. As a supra-national bloc, one of the main political foundations of the EU is freedom of movement across its member countries' borders. This had to be suspended in many ways during the pandemic, but at time of writing the EU Covid-19 Certificate is set to restore that foundational political tenet. As such, it faces certain requirements that other schemes do not. When considering new vaccine passport schemes, many developers have the initial thought of making the identities and data contained within them as secure as possible. That's an entirely understandable aim. Medical records are among the most sensitive information an individual will possess - so the inclination to put it behind a steel-plated electronic identity might seem natural. But in this case, it can be counter-productive. eID is an area of brilliant innovation and sometimes of bewildering complexity. Some parties may be inclined to create new regimes which provide secure identities, but can't be rolled out as far and wide as they need to be. These will hamper progress and add more cumbersome characteristics to a process that needs to be streamlined. Others may look to promising new technologies such as blockchain and verified credentials, with examples including South Korea and New York State in the US. However, some feel that these solutions may cause interoperability issues and could be exclusionary in places with modest technological means. Others feel that blockchain technologies could be a bad fit for vaccine passes.
Speaking to the press, Matthew Green - a well-known authority on cryptography at Johns Hopkins University - said [8]: "There is zero reason for blockchain to be involved in this problem." He added: "Blockchain solves a very specific problem around not trusting people, and the problem with this vaccine stuff is you do trust people. You have to trust the data being entered into the blockchain is an actual trusted reflection of who's vaccinated or not." Another inclination is to tie this information to either a centralised system of records or to load it with personal information, which might more reliably authenticate the passes. But if the passes have to 'call home' to that system to actively verify live data, then that could bog down a process that needs to be agile. Vaccination is rolling out quickly. And there is pressure to open up even faster. The point we need to underline is that these systems are going to be used by medical professionals, border agents and even event venue operators, but generally not technology experts. That means that each system has to be simple to use; if complexity overtakes usability then the process will be plagued by problems. Given that most vaccine passes are updating the old yellow cardboard with new security features, simplicity is their most important feature. Moreover, unlike most vaccination programmes, which may roll out over years, governments are seeking to credentialise millions of subjects as quickly as possible to restore freedom of movement and to stimulate economic activity. So the best schemes will easily accommodate both paper and digital means. Interoperability is key, which means pinning down the expected uses and reliance on the vaccine passes. What data will be carried in the credential? What technology is required to verify the credentials? Are the security features well-understood and documented?
The best vaccine pass schemes must be flexible enough to sit on top of the existing national systems: there is no time for huge integration projects either at the health authorities or at the myriad end points that may rely on the passes. The protection of personal data is also vital. While a traveller previously could keep their Yellow Card in their pocket, users will have concerns with online vaccination tools. Vaccine pass schemes must be transparent about where the data is held, who can access it and who can retain it. Many projects are looking to use tried-and-true approaches that have been proven at scale, such as the public key infrastructure (PKI) approach. This has already been well proven in similar use-cases, such as for e-passports, and in many IoT deployments that require fast authentication of users, data integrity and privacy, and acceptance/validation by diverse relying parties. Widely understood and supported in consumer software, the use of PKI building blocks can also simplify the rollout and acceptance of vaccine passes. While a myriad of commercial and community proposals are being floated, the EU's scheme represents the first supra-national governmental standard. In many respects, it could set the international standard for vaccine passes going forward. Under the EU's Covid-19 Certificate, the Union's 27 national health authorities will be able to issue the vaccine passes. This makes sense as they are already the custodians of immunisation information. Citizens can store their credentials on a mobile device (with or without an app), or even request a paper version. Both will feature a QR code containing essential information about the holder and their immunisation status, which can be visually scanned by many mobile devices.
The QR code will include a PKI-based electronic signature that asserts the legitimacy/origin of the credential and the fact that the data has not been tampered with. The PKI architecture is modelled on the one that has been successfully used by the International Civil Aviation Organisation (ICAO) e-passport scheme for years, which is flexible in enabling countries (and their varying health authority structures) to issue the vaccine passes. Using PKI, the European Commission will also build a single gateway that relying parties may use to verify the QR codes' signatures, no matter which country issued them. The personal data encoded in the vaccine pass does not pass through the gateway. The gateway is simply verifying that the QR code was issued by a legitimate authority, and that the data it contains has not been tampered with. Remembering the dominance of WHO's Yellow Card, the EU scheme takes into consideration WHO's guidelines for Smart Vaccination Certificates and has been careful to publicly document its approach, rules for data protection and interoperability, and its data sets. There are defined rules about the retention and use of the vaccination data. Seeking stakeholder buy-in along the way, with the scale of this transparency the EU approach may become the de facto international best practice. In fact, many aspects of its design are already being picked up by other providers, including open-source projects such as the PathCheck Foundation's paper-first vaccine pass [9]. The EU approach could also accommodate - but does not depend on - the use of mobile apps. In fact, other than helping to develop software that authorities can use to check the QR codes, it sidesteps this issue, understanding user worries that their data may be monitored or correlated in some manner. Like the old Yellow Card, the user can choose not to use the EU Covid-19 Certificate.
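The signature check on the QR code described above, as an added example in Go; it is not code from the article or from the EU scheme. The dot-separated text layout, the key id `XX-health-1`, the JSON payload and all function names are assumptions made for illustration, and the key pair is constructed on the spot.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// TrustList maps a key id to an issuing authority's public key (assumed layout).
type TrustList map[string]*ecdsa.PublicKey

// newIssuerKey makes a constructed P-256 key pair standing in for a health authority.
func newIssuerKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// Issue signs "kid.payload" and returns the text that would be encoded in the QR code.
func Issue(kid string, key *ecdsa.PrivateKey, payload []byte) (string, error) {
	body := kid + "." + base64.RawURLEncoding.EncodeToString(payload)
	digest := sha256.Sum256([]byte(body))
	sig, err := ecdsa.SignASN1(rand.Reader, key, digest[:])
	return body + "." + base64.RawURLEncoding.EncodeToString(sig), err // unusable if err != nil
}

// Verify runs offline: it needs the trust list only, never the issuer's records.
func Verify(tl TrustList, pass string) ([]byte, error) {
	parts := strings.Split(pass, ".")
	pub := tl[parts[0]] // nil when the key id is not on the trust list
	if len(parts) != 3 || pub == nil {
		return nil, fmt.Errorf("malformed pass or unknown issuer")
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err != nil || !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return nil, fmt.Errorf("signature invalid: altered data or wrong key")
	}
	return base64.RawURLEncoding.DecodeString(parts[1])
}

func main() {
	key, _ := newIssuerKey()
	pass, _ := Issue("XX-health-1", key, []byte(`{"status":"vaccinated"}`))
	data, err := Verify(TrustList{"XX-health-1": &key.PublicKey}, pass)
	fmt.Println(string(data), err)
}
```

The verifier holds only public keys, so a relying party can check a paper or on-screen code without contacting the issuer and without the holder's data leaving the checking device.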
In summary, while there remain problems over vaccination hesitancy, the global consensus is that immunisation provides a valuable risk-control in restoring normal life. For that reason, vaccine passes will likely play an important role. Yet that process could fragment if different countries and communities rush into partial solutions without regard to international standards. That's why the EU's approach seems promising. Europe's approach of designing a simple and flexible system that uses well-known aspects of PKI makes it possible to roll out at scale. The commitment to documented standards means that it is interoperable and will serve well as an international model. Most of all, the EU Covid-19 Certificate sets an example by recognising that the needs of governments must be balanced against the privacy rights of the individual.

References
1. 'International monitor: vaccine passports and COVID status apps'. Ada Lovelace Institute.
2. 'Africa CDC Says Vaccine Passports "Inappropriate" for Now'.
3. 'Covid: US rules out federal vaccine passports'. BBC.
4. 'Arizona, Utah, and More States Join Texas and Florida in Banning Vaccine Passports'.
5. 'Covid-19 safe key launched as vaccine stocks approach use by date'. The Royal Gazette.
6. '70+ MPs launch cross-party campaign against Covid passes'. Big Brother Watch.
7. 'Coronavirus: Commission proposes a Digital Green Certificate'. European Commission.
8. 'Cuomo's Covid-19 vaccine passport leaves users clueless about privacy'. The Intercept.
9. 'Paper-first Verifiable Credentials URI Specification'. PathCheck Foundation.

Building a trusted guardian for our biometric identities
Philip Black, Nomidio

These days, unlocking a phone with a quick glance or the touch of a finger - rather than a passcode - has become so popular that we almost forget that we are using our biometric information to log in. The same can be said for authenticating payments or signing up to the latest challenger bank.
In return for convenience, and to prove we are who we say we are, most of us now happily allow commercial companies and other organisations to process our biometric facial, fingerprint, iris or voice print data.