In the OECD world, Covid-19 has been contained to a large extent. A majority of the population has been fully or partially vaccinated and the governments of each country are fighting resurgence of the virus by fighting vaccine hesitancy and creating a system of track & trace for vaccinated and unvaccinated people. Large scale vaccination campaigns have created a dual structure of vaccinated and unvaccinated people and based on the vaccine status those unvaccinated are still at risk .

A major challenge facing these governments and the world at large was that the travel and events industry was shut down to handle the pandemic. Pre-pandemic this industry was worth $2.9 Trillion globally employing millions of people across the globe.

As such to successfully host large gatherings and travel, governments are proposing vaccine based entrances or vaccine passports for international or domestic travel in trains and planes, indoor stadium based events such as games and live concerts so that large scale gatherings do not end up becoming a super spreader event. The task of undertaking vaccine passport app development is fraught with challenges of implementation and privacy concerns as people have never been asked to provide health information before on such a large scale. The way out of it is to provide only the status of the person in question and not the underlying data that denotes his/her status.

The major challenges for any vaccine passport app development are:

• Verification of the Vaccine certificate & test certificate
• Data security
• Third party authorization & misuses
• Privacy and confidentiality challenges

Let’s discuss each of them in detail.

Verification of The Certificates

One of the major challenges of any vaccine certification app will be the verification, storage and checking of certificates related to Covid-19 tests and vaccines.

As users are presenting sensitive health information to non medical professionals, utmost care is needed for data handling.

Ideally, an authorized list of test providers and valid vaccines should be available on the app that are accepted by the local authorities on both sides, the place of origin and the place of travel. Users can avail a test to showcase their negative status and the vaccine status which denotes that they have been vaccinated.

Verification can be done by creating a barcode that can only be accessed by authorized barcode readers and corresponding apps.

With secure bar codes we can verify the underlying Covid-19 status of the user and we can protect the privacy of the user by generating the barcode after verifying the underlying documents, namely the vaccine certificates and recent test.

The results of the test will only be valid as per the specified norms so the data related to the test will be auto deleted after the specified duration.

How it will Probably work:

Step 1: The user willing to travel will contact their nearby health lab or hospital for vaccines and Covid test.

Step 2: Once the user receives the various certificates from the health provider, he will then upload it to the vaccine passport app.

Step 3: The user will simply have to show the barcode for entry to airports, flights, outdoor events.

Data Security

The foremost thing to assure users of data security is to not link any other health services, certificates to the vaccine app. The role of the vaccine app passport should be limited to the data about Covid-19 vaccine and test and no other health details need to be provided. By limiting the data users are required of, a line of trust can be built as users will realize the clear and specific purpose of such apps.

To ensure data security, the data needs to be hosted in a secure cloud environment authorized only by certain entities. Furthermore, the storage can just be about the user’s status and not the documents or other health information. If needed, the user can present the actual certificates if needed but they need not be held in the app environment.

By only storing data about the user’s vaccine status and test certification, data breaches even if they happen, will not be able to leak sensitive information and users can securely provide all relevant information.

By not storing the user’s data but only their status, we can enable travel and outdoor gatherings without the hassle of having the user present the certificate and getting it checked and verified at each entrance.

Third Party Authorization & Misuses

Selective third parties such as governments, Airport authorities, health labs and vaccine providers might need access to the database of users for verification of users and the data provided by the users. As such strict confidentiality can be maintained by using numbers whenever possible instead of personal details and not letting any third party access the data or monetize it for any purpose.

One major misuse that can happen is that vaccine passports can be used for racial, religious or other types of discrimination. Agreements between all parties need to prohibit use of such apps to create a discriminatory and exclusionary environment.

The best way to secure data and prevent its misuse is to not record data and information that can be omitted. Secondly, putting secure data standards to prevent unauthorized data success and only hosting the data on government servers are some of the major ways to secure the underlying user data.

Privacy and Confidentiality Challenges

Since sensitive health information that can lead to discrimination and exclusion is to be stored, the privacy and confidentiality of the app needs to be robust. All of the data of the app can be behind a digital signature and the signature itself would validate the underlying data without letting anyone access the data unless they demand to access the data with specific protocols. OTP should also be there so that the user is aware of who is accessing the data and can prevent the authorization if he wishes to.

All third party selling of the data should be prohibited and disallowed strictly to create user trust and prevent any unauthorized usage of the underlying health data.

Major Vaccine Passport App Development Features

The app will allow the user to login using email APIs, the app owner can create and update a list of approved test centers, vaccination centers, information on local laws and guidelines and approved vaccines so that the user can plan the trip accordingly. Even a simple app that provides a user with all the local norms and laws of their destination can also provide a major opportunity to an app entrepreneur.

A lot of the app features will depend on governments and various authorities hosting the underlying data and whether hey want to allow access to it through a secure API and the rules and regulations that will govern the underlying use of the app for all parties concerned.

Conclusion

Vaccine passport apps remain an elusive possibility. How governments and private organizations will navigate the maze of privacy, data security and the necessity of data sharing and data portability. If you have an exciting idea related to vaccine passport app development, do drop us a line below and we will love to take it further.