Vaccinations are a critical tool to bring the number of COVID-19 cases down globally. As the Pacific starts to allow travel again, many countries are requiring vaccinations for many travellers.
Tamanu has assisted several Pacific Island Countries with their COVID-19 immunisation campaigns. In Nauru for example, the country now tracks all COVID-19 vaccines using Tamanu’s immunisation module. Nauru remains a COVID-safe environment: with fewer than ten cases cumulatively (all contained to quarantine) to May 2022, the virus has been successfully contained, there is no leakage into the community, and Nauru also boasts a high vaccination rate. Now Tamanu provides the country with a complete solution to issue internationally-recognised Vaccine Certificates to its citizens.
Digital Vaccine Certificates are an enhancement on the security and usability of the existing International Certificate of Vaccination or Prophylaxis (ICVP), commonly known as the “yellow card”, established in 1933 and used for health risk control at borders for various epidemics and pandemics since, such as cholera, meningitis, and the 2002-2004 SARS outbreak.
This is a paper document that is filled by hand and rubber-stamped with authorities’ official shields. Much like the text on passports, it has labels in only a handful of languages. Due to these aspects and the explosion of technological means in recent decades, the yellow card is almost trivially falsifiable now. There is also a desire for a document which is more compatible with the variety of languages spoken around the world, and which can be embedded in mobile phones to “get with the times” and reduce or avoid reliance on paper.
Global and inter-regional agencies have developed two major standards for this purpose: the United Nations, via its ICAO organisation, created a Visible Digital Seal specification for “Non Constrained” environments (VDS-NC), modelled on the existing ePassport infrastructure; the European Union concurrently put in place its Digital COVID-19 Certificates (DCC or EU-DCC). Tamanu supports both and offers these flexibly to countries using the platform; Nauru chose the VDS-NC standard.
Before getting too deep into the technical weeds, an overview of how such a document is obtained and used:
- All begins, of course, with a vaccination. When someone is vaccinated, this event is recorded in Tamanu by the health practitioner against the patient’s history.
- At a patient’s request, or as a matter of procedure, a vaccination document is generated. The document takes the form of a single-page PDF with a summary of the vaccinations the patient has undertaken and a QR code which contains the VDS-NC data. It is transmitted directly from Tamanu to the patient via email.
- The patient then travels outside of Nauru: at a foreign border (or at airline check-in), officials view the document, either on a mobile device or in printed form. Using barcode scanners, the VDS-NC data is accessed and locally verified.
- With the data verified, officers are able to reliably trust the information within and allow access or thoroughfare to the traveller based on their vaccination status.
As the entire purpose of the document is to be validated at the border or overseas to prove that one has been vaccinated, this verification must be watertight: it must be quick (can’t take longer than a few seconds or everyone would miss their plane!), and it must be trusted (there must be no doubt, and no possibility of forgery). The standards have been designed to ensure this.
Both standards are based on QR codes. It’s important to highlight that the format of these codes is unchanged, and that they can be read by any existing QR code reader, such that is present on every mobile phone and many verification devices in airports, such as the kiosks used by fliers in recent years to self-check-in. Only the data inside the QR codes is new, so only a software update – or specific app – is required to interpret them correctly.
The data inside the QR codes include information about the relevant vaccines the holder has received, as well as some identity details. This information is machine-readable: for example, instead of the data being text reading:
This is to certify that Pooja Fairclough-Acosta, born 23 June 1973 has received Dose 1 of the COVID-19 Pfizer Comirnaty vaccine on 11 April 2021, batch 3416BHB, at RON Hospital, Nauru.
The data instead looks like:
Certainly that is a lot more obscure for a human to read! Yet this format means that a reader application in English can show a summary like the one above, but others in French, Japanese, or Nauruan can show the information with language-appropriate labels, without risk of misunderstanding and without requiring translation.
Alongside this data is a cryptographic “signature” and verification information. In simple terms, this uses something called asymmetric keys, complicated mathematical algorithms that provide keys made of two parts: a private key, kept secret, and a public key, which can be safely given out. They are used to provide an unforgeable proof that some data was created by the person or system that owns the secret part of the key, a fact which can be verified using only the public part of the key. These processes are called signing and verifying, and are used to protect and authenticate communications on the internet and elsewhere, such as for credit cards and airplane boarding passes.
Vaccine Certificates use a two-tier signature scheme. The data in the QR code is signed with a private key that Tamanu has access to, and both the public key and this signature are distributed alongside the original data. The keys that Tamanu uses are further signed by a Signing Authority that represents the country, in this case Nauru.
The country’s public key is shared with other countries via direct agreements between countries, or, more commonly, with a service of the International Civil Aviation Organisation (a branch of the UN), the Public Key Directory (PKD).
At the end point of all this is a customs agent in another country: upon scanning a QR code, the reader’s software verifies the data through the signature and against Tamanu’s public key, which are both provided alongside the data in the QR code. Then, it retrieves Nauru’s public key from the PKD and verifies Tamanu’s public key, thus establishing a chain of trust which ensures the data is not a forgery.
The public keys of all participating countries are long-lived: they last for over a decade. Therefore, airports, checker applications, and other agents can retrieve the entire list of country public keys at once every so often, and are then able to stay offline to check QR codes, if necessary. The entire checking process is almost instant: it takes less than a second to perform all of these steps.
Through our journey integrating these systems in Tamanu, we’ve been very grateful for the assistance and lent expertise of the Australian Department of Foreign Affairs and Trade, the Australian Passport Office, ICAO and our partner governments.
We are excited to be deploying this system to other countries in the Pacific to help them provide their population with the means to safely travel overseas. Nauru, Tuvalu and Samoa are all live with the system in place.