Covpass - Vaccination status App?


will there be a possibility to install Covpass-App, the implementation of the planned EU-vaccination-status, that will come in June for Android? Or will it need google-software?



If it has an open API then we can have an app on SFOS. (Assuming a dev will spend time writing one)

I wrote emails to the RKI and BMG that they should please also consider the users of smartphones with alternative operating systems, such as Sailfish OS and Ubuntu Touch. Either with apps for these operating systems or as a minimal option with a WebApp.
Let’s see if the mails are read there by natural persons ;-).
First of all, only automated reply emails came back.


It would have been good if you mentioned that this was about the specific German implementation.

While the verification is supposed to be the same across the whole of EU, the implementations are free to, and will, differ. At least here in Sweden there will also be paper versions, and i assume i will get it in PDF form. What i don’t understand is why so many countries seems to be going for an app, in order to just display a static QR code. Why can’t i just put the PDF on the phone and be done with it?


Thank you all for your answers and especially thaks to s_mario for writing these two institutions. Let me please know, if you get answers…

I think they think there’s less chance people will be able to forge the QR code.

Well, that’s ridiculous, because the verification is to be done by the person scanning it. The app has no purpose to serve in verifying the accuracy. Not sure if that is asymmetric crypto, online verification, or both… but regardless, the app wouldn’t do anything.

1 Like

A simple PDF file cannot send data to some servers, e.g. how often displayed, where, whom…, or otherwise ‘phone home’.

An app can.

edit: it will be interesting if the app will work (and access for the person will be granted) while the phone is in flight mode, offline or without SIM card,

1 Like

Neither can a paper.
…but the scanning side can, so why would the scanned side need all that?

Never attribute to malice that which can be adequately explained by stupidity.


I would have a better feeling with a paper. I think it should be possible to scan this paper and so have it on the phone, as alternative to having an obscure app on the phone.

1 Like

Maybe it will also work if we scan or take a photo of our vaccination certificate with the QR code and the other side then verifies the QR code. I don’t know if that will work.
The main thing for me is that we are perceived and taken into account as users with an alternative operating system, whether with native apps or web apps.

Google or Apple like to help mankind to develop a special API again. The developers will surely gratefully accept this again. Sarcasm off :roll_eyes:

You’re right. A picture with our QR code should be enough. The validation of the QR code should be carried out by checking software at the inspectors and not by an app for the user. This also works in flight mode or where there is no network access. Without proof of identity, which must also be shown, a QR code is always worthless. So what is a special app good for?

For most people, it is important to use their smartphone instead of a vaccination card, for whatever reason. No matter how, the authenticity can only be guaranteed with a vaccination certificate and proof of identity. If in doubt, it has to be shown anyway. Or will no more devices be stolen from mid-2021 or later?

Use a simple picture of the QR code with your name underneath. No dependency on the operating system or device. A piece of paper or a plastic card that you can stick to the back of your phone would be enough - if you don’t have a scanner.

Keep it simple and it’s smart, but this is probably about business again.


I know this is gonna do me no good, but I miss one anwer: “fuck your stupid survailance code, EU”


This would be another discussion, if there is surveillance and what are implications to society, but here it’s only about the technical possibilities.


For technical interest: I am very very curious if someone will probe or scan the Covid app with a network analyzer for hidden communication, and report here. What ports will (really) be used, to what servers or IP-addresses will the app (really) send data, how often, in what cases (of use and others…)??? Usage of Bluetooth? For what?

I had the great good luck of (well, because I’m missing a bit of my right lung) to get vaccinated before I was due (err, I have old neighbours who had ‘just’ gotten vaccinated!) AND my mother sent me my ancient WHO Immunization passport :wink: Got sticker in my paper pass!

I kept reading all the hype about an app and always checked to see, ‘but surely the who pass will still be the gold standard’? Yes. Seems so. Ok, so why in the world would you want an app? Industry subsidies and headlines aside?


You mean an BSI blessed app made in Germany? Or something Paneuropean?

I was thinking of this discussed app, that is planned for the next one or two months, that is planned europe-wide to make it easier to fly, cross borders and be used for big events access control. It was / is mentioned in TV news and other reports to the Covid situation. (especially Austrian news)

Ah, I just read headlines in the past 2 or 3 days of a test pass being made here in Germany and it was never really clear who was developing what. As far as I can tell, it is not much more than a pdf. If Apothecaries will be producing them in the next weeks, it can’t be a client/server app. But the information available is all anecdotal. In Germany, the Doctors are strictly against it, since they generally put a ‘stamp’ on the sticker that winds up in you Immunization passport. That, be it vulnerable, is simple for them. An app given the workload they have, not even remotely on the table. When I got immunized last week, the lineup went around the block…

EDIT: It seems an app developed by IBM is the test model being tested with the blessing of the RKI (Robert Koch Institute)… This thing: leading to this thing: Digitaler-Impfnachweis · GitHub Oh. and it is client server requiring integration with doctors practices using existing (patient card) based transactions. That this runs before the year?

Also, ich lese mal die certification apis (it’s complete and utter bullshit).

EDIT 2: Further information reveals that those 2nd parties (Apothecaries) issuing certificates would check your WHO immunization passport. So, the Gold standard remains, well, the gold standard piece of paper.


This is starting to get very much off topic…

@bombe23, as @ApB has pointed out: If there’ll be a proper API even a native SFOS app would be theoretically possible
Regarding the Android app: If you’re using the ‘modern’ Android support of Sailfish (available for Xperia XA2 and newer ) chances are good the app will run. Unless some special system level features are required. I’d say that’s unlikely but the whole concept seems not to be clear yet.
Judging by the supported versions for the Contact Tracing app older phones (thus Xperia X, Jolla C as well) will most probably be sidelined