It has no use exept for selling your data to big tech and big pharm.
4 Likes
Assuming such things is one thing, proving it by analysing all data transfers, the app will do, is another thing. Therefore i asked my question in post #15.
At the end of the day everyone can decide for themselves whether they want to use such an app or prefer to go through life with a Leitz folder under their arm.
When creating apps by companies, they should also consider alternative operating systems and not just the big players like iOS and Android. And for that we should step on their feet.
Even if the app is available for Android, I donāt necessarily want to install it on an SFOS phone if, for example, Google Play services are required again. Either native or as a web app would be my preferred variant.
No. The QR code just identifies yourself. Then all data is sent to the EMA, Pfizer, Moderna etc. from your public health ensurance (ĆGH, BVA, SVA in your case. from ELGA, no optout)
Along with your bank accounts, job, everything. As I have access to ELGA as a doctor, now all pharmacies, too and soon more, I can already see the data there. From everyone. At least in Austria, for now. Fantastic, aināt it? 
5 Likes
Theoretically, the app can add data: IMEI # of the used telephone, access Bluetooth (is the project ācontact tracing appā really dead?), movement profile and history, ā¦
Maybe not in the apps first rollout but later in an update.
My personal conclusion:
My phone stays at home & Thereās a life after mobile phoning life. 
AFAIK it does not matter if we get traced with a qr code we show everywhere on paper or on phone.
1 Like
If you keep your phone at home, that kind of defeats the purpose of having one. At that point itās basically just a PC with no keyboard and an uncomfortably small screen.
2 Likes
Plenty of (older) people use their mobile phone as a landline.
2 Likes
Thatās exactly what I do.
The Sailfish Phone was too expensive and difficult to setup, so I donāt want to take the risk that it will be lost, stolen of simply falls on the floor and breaks, when using it as ādaily driverā.
I use the SF phone mostly at home and seldom outside, only if I need a camera, a GPS or mobile gateway. For simple talking when outside I have a 2nd cheap phone from supermarket.
The source code is here : Issues Ā· eu-digital-green-certificates/dgca-wallet-app-android Ā· GitHub
My understanding is that the app just does the following:
- scan the code
- store it in an encrypted way (so that other programs donāt access it)
- display it when requested
Should be OK to implement (the second part may be the toughest, but there is sailfish secrets which is probably fine). If i have some free time, iāll give it a try.
1 Like
In NL citizens actions to get the yellow vaccination passport valid instead of a digital pass that still does not exist. The EU planned to make one, but the Dutch government said it has too many personal data. Besides this the government is planning its own medical surveillance. The yellow vaccination passport is internationally acknowleged, also by the WHO.
We succeeded in getting our Covid vaccinations mentioned in this passport. We still can buy this booklet. If other countries will recognize this
remains to be seen. We hope so.
1 Like
If it is not open source and without trackers I donāt download/install it.
We have seen the docu āA good Americanā. It could have gone into another, better direction if notā¦
Ah, why donāt you all get WHO Vacination Certificates? At the moment, they conāt get you on flghts to the US anyway, but neither will covpass.
Iām referring anyone that asks (has already happened) to my doctor, recorded in the pass.
That is not the route being taken in Germany. Basically, without a direct route to the doctor that imunized, itās a no go. So, the ibm developments in Germany include a full cycle of verifying a user via a centralized api.
For people who have already been immunized in a vaccination center, there are plans to digitize the vaccination certificates afterwards.
But youāre going to have to have that transferred into a WHO pass if, for instance, you want to travel to Mexico. So, it seems that, unless you want to be stuck in Europe, the whole covpass is a bit of an distraction.
- WHO certificate
- covpass?
I donāt see the point of the centralized api. My understanding is that there is a cryptographic signature inside the QR code (to avoid it being forged). So the verification should only imply verifying that the certificate used to sign has not been revoked.
I will try to have a look on the verification app in France. Everything is open-sourced (or at least they claimed it will be).
1 Like
My girlfriend got her first Vaccination at an immunization center. The second at the Doctors (Astra). The immunization center wouldnāt even paste the sticker in the pass ! Thatās a mess already. Her Doctor (in Berlin) and mine (in Brandenburg) both have no information to date about digital certificates. I asked today. The only authoritative information to be had comes from our Doctors.
The authentication flows and the data involved can clearly be seen here:
āHealth Certificate Issuance Serviceā runs on the Doctors or immunization centers gear.
EDIT I also checked with a couple of Health Ministries. The yellow passport will still be the gold standard: see here for Germany:
However, the WHO and UN have as yet to actually add covid to the list designated for use in the yellow book. So who knows. Itāll probably be PCR tests until next year.
UPDATE: itās hard to track if the initial ibm effort of the T-Systems stuff is actually the development tree to watch. It āSEEMSā that T-Systems is doing an end-run around IBM.
The image above should probably be updated to point to the:
- Generic verifier service (ie. server backends.) here: GitHub - eu-digital-green-certificates/dgca-verifier-service: Repository for the dgca verifier service.
- I need to read a bunch more code. But Iām really afraid of: GitHub - eu-digital-green-certificates/dgc-gateway: Repository for the dgc gateway.
Well, thankfully Iām just an alien resident in the EU.
Update 2: Ok, so it looks, probably, like both things need to be considered. The dgc gateways seem to be the exchange mechanism only and the national systems for issuance may well be ālikeā what ibm sketch above shows.
Why that? Why didnāt she get both vaccinations at the vaccination center. That would be the normal way. One vaccination here and the other at the doctorās will probably cause chaos.
I received my first vaccination (BioNTech) in the vaccination center and also the first sticker in the vaccination certificate.
I will get my 2nd vaccination and 2nd sticker in the same vaccination center.
No problem here in Saxony ;-).
The vaccination center refused to put the first, astra zeneca, sticker in the book. Then they stopped providing Astra (to under 60s) and the Doctor at the nursing home my GF works at offered to do the immunizations. Since she works with many patients, she felt it prudent just to get the shot. And not wait for Astra to be approved or not, again.