COVID-19 Vaccination Pass: A Peek Behind the Curtain

What is the hold-up with these Covid Vaccination Passes? And will they be worth the wait?

Alex Tweeddale
13 min readApr 15, 2021

Every month we hear more rumours about these so called Covid-19 vaccination passes, certificates or passports, which will enable us to restart societal events and travel safely and with confidence. But where are they? This article will explain why there is a delay, what the key points of discussion are, and why governments and supranational bodies are turning their heads towards the benefits of decentralized identity.

The world is at a pivotal moment in the Covid-19 pandemic, vaccinations are beginning to substantially lower the rates of transmission and risk of serious illness, and one question is on everyone’s mind:

“When can I get away from my swivel chair and Zoom coffee mornings, and back into the ‘real world’, where I can sit on a sunny beach with a G&T in hand, care free, and quickly forget about everything in 2020 & 2021 to date?”

Or something to that effect.

The answer is quite simple:

When private companies, national governments and supranational bodies alike can agree on global COVID-19 travel pass standards, with:

  1. Strong privacy preserving features;
  2. Syntactic and semantic interoperability;
  3. A robust governance model and ethical framework to avoid discrimination and a two-tiered society;
  4. Flexibility to accommodate for changes in the virus response.

And to this answer, the general response is:

“Hang on, hang on. So let me get this straight. Firstly, you are going to have to explain what all those things mean. Secondly, you’re talking about some sort of digital Covid passport, right? This sounds a bit like George Orwell’s 1984 to me, I have a right to go to the pub without any sort of passport — I don’t want the government knowing where I am.”

Or something like that.

And yes, this is a fair point. Whatever is built now needs to be something which efficient and easy-to-use, but also must be something which does not discriminate against those who are unvaccinated and that cannot be used for surveillance now, or any time in the future.

This balance is difficult to achieve.

Today, I am going to show you behind the curtain, for a little peek, to explain what the hold up is with COVID-19 vaccination passes and why decentralized identity technology must play a pivotal role in the release of an interoperable global model.

What’s on the table and what’s in the oven?

There is a hesitance and lack of consensus regarding the right way forward for Covid vaccination passes. Firstly, and importantly, because being vaccinated does not simply make people immune from Covid-19.

It is currently unclear to what extent a person can still be infectious following a vaccination, even if that person is asymptomatic. This lack of clarity poses the question of whether vaccination passes should be brought forward at all right now.

In terms of reducing transmission, which is vital at this point in the pandemic to reduce the chances of further mutation, a digital Covid test pass may be the more sensible option to begin restarting society.

Secondly, regardless of the ‘Covid status’ avenue society chooses to go down, the next question is: what is the best way to implement these systems to ensure efficiency and ease-of-use, while effectively safeguarding personal health data and privacy?

The crux of the debate can be simply summarised as follows:

“There are a lot of solutions cooking in the oven, yet, many of them are not yet cooked in the middle. Should we wait for these to cook through, or go with what is already on the table?”

The answer to this is not straightforward.

On the one hand, countries and national governments are swaying more towards what is on the table, since time is a crucial factor here and the general public is getting more and more restless and impatient.

Whilst on the other hand, the private sector is banking on what is in the oven because solutions will be more future-proof and will support far greater levels of global interoperability and flexibility.

On the table

Sitting firmly on the table, ready-to-go is the Digital Green Pass in Israel and similar technology. The Green Pass plugs into Israel’s existing national patient record system. So, when someone is vaccinated, their data gets inputted into the system, and when someone wants their vaccination status to be checked, a request is made to the central database, and out pops their vaccination status.

For this reason, this model can be described as a ‘centralized’ solution.

However, this approach is somewhat naïve. This is because it is:

  1. Localised: It only practically works in one jurisdiction, rather than facilitating international travel easily. So if an Israeli went to an Italian event with their Israeli Green Pass, Italian companies and public bodies would struggle to trust the authenticity of the Israeli proof and would need specific education and training on how to handle this proof.
  2. Unsecure: It creates a big pot of data, detailing the statuses of every vaccinated person and recording every time the Green Pass is checked. This could potentially lead to mass surveillance, a large data breach in the future and a breakdown in personal privacy. Tamar Zandberg, for example, an Israeli politician, has described this approach as a “slippery slope” for personal privacy (source).
  3. Unethical: Israel is publishing the personal data of persons who do not get vaccinated, in a sort of name-and-shame style stunt, to incentivize uptake of the vaccine. Hadas Ziv, of Physicians for Human Rights, accused the Knesset of “passing a draconian law which crushes medical ethics and the patient rights.” (source).
  4. Clunky: It is built on legacy systems and centralized data structures, requiring a huge amount of cost and effort to make work with low latency and high efficiency, especially from around the world. Crucially also, the system must be online 24/7 and any down-time would affect the entry permissions of everyone reliant on the particular system.
  5. Monolithic: Centralized systems for Covid-19 status passes will likely remain in place beyond their intended lifespan, with a large degree of vendor lock-in, establishing a monopoly.

The fragilities and naivety with centralized systems can also be displayed clearly by looking at the latest update on the National Health Service (NHS) Covid app in the UK. In this instance, Apple and Google blocked the NHS Covid update, which intended to store each user’s venue history within a central database to correlate Covid-19 cases. Even though the system was designed to ask user’s consent to ‘opt-in’ to sharing this venue data, it was blocked on the grounds that it would store locational data of the users, infringing on personal privacy regulations set by the app stores.

In practice, if this update was passed, the NHS would have had a log of everywhere and every time a venue was scanned into.

This illustrates why there is a hold-up, because pushes to create a Covid status pass through a centralized model often comes at odds with data protection and privacy standards, regulations and laws.

That being said, there is still a large contingent of society that supports this approach because it is firmly on the table, and in the interest of time, it may be a system which does a functional job in the short term. It seems that at this moment, many people would feel willing to sacrifice a degree of privacy to return more quickly to a state of normality and comfort. This public pressure is something that needs to be weighed up against the long term fragilities of the technology.

For this reason, I do predict that we will see a type of centralized system for Covid-19 status proofs in the short term, certainly in some jurisdictions, although I want to stress that it is imperative that decision makers begin to look towards decentralized solutions, which protect public health without impacting the right to privacy.

In the oven

In the oven, slowly cooking through, are ‘decentralized’ solutions, which do not rely on a big database to provide verification of Covid-19 statuses. Instead, each individual will be able to hold a digitally signed and verified proof on their phone (or on a physical paper certificate), which can be checked by third parties, without anyone else having knowledge or oversight of that interaction.

This works because the status is cryptographically signed by an issuing party. This means that proving a Covid status using this model does not rely on a request to a legacy database but relies on the robustness of technical standards. The solutions which I am discussing in this article are digital ‘decentralized’ identity models built on the W3C technical standards, Verifiable Credentials (VCs) and Decentralized Identifiers (DIDs), more on which can be found here.

Examples of decentralized identity solutions are Spherity’s ReOpen Test & Vaccination passes, the IATA Travel Pass and Affinidi’s Immunitee Health Passport.

Through this abstraction away from routing all data and information into one system, this model has significant benefits, such as being:

  1. Interoperable: Built on globally understood technical standards (W3C Verifiable Credentials and Decentralized Identifiers) and commonly used technical pathogen vocabulary, these proofs will be able to be verified easily and with confidence around the world;
  2. Ethical: Whilst taking slightly longer to develop, decentralized identity approaches and the governance surrounding them are being agreed upon by the World Health Organisation (WHO), European Union (EU) and independent initiatives such as the Covid Credentials Initiative (CCI) Governance Framework.
  3. Flexible: Decentralized identity solutions can apply business logic due to being far more flexible than centralized architecture, such as requiring 60% of entrants to a venue, or flight to have a valid Covid status, rather than 100%. This could remove the potential of creating a two-tiered society, while balancing the need to protect public health. Decentralized solutions can also accommodate paper based certificates with strong security, based on the same cryptography.
  4. Cost-efficient: Decentralized identity solutions are faster and cheaper in the long term because the infrastructure leverages cryptography and decentralized trust, rather than millions of API requests to a central server;
  5. Privacy-preserving: Since trust in a decentralized system exists on a person’s mobile device or paper based certificate, rather than a database, there is no authority which can oversee, surveil or analyse the movements of the public, protecting people’s right to privacy securely.
  6. Future-proofed: Building a decentralized identity system now, accommodates for further uses of it in the future, upholding best practices in security and compliance. Rather than being a single-use solution, it is largely recyclable.

*Raises hand*

“Quick question: So this sounds great, but what is the hold up, why are these solutions still in the oven? And how long would they take to actually launch?”

Good question, and the answer to this has a few key points to note:

  1. There are multiple ways of building decentralized identity solutions, and not all will talk to each other, which then runs into one of the same problems as the centralized solutions.
  2. What has happened, therefore, is that companies and consortia have backed different ways of building these solutions to pre-empt the consensus of the supranational bodies. Some companies have focussed more on privacy, while others have focussed more on global interoperability.
  3. What has emerged is a selection of different decentralized identity Covid-19 vaccination and test status consortia, such as: The Good Health Pass Initiative, The Vaccination Credentials Initiative, The Covid Credentials Initiative, IDUnion, and many, many others…

Only recently, has there been a push and breakthrough from the leading supranational bodies. For example, The European Union has recently published a set of requirements for it’s Digital Green Certificates, which clearly states:

“In particular, the “Digital Green Certificate” framework should not require the setting up and maintenance of a database at EU level, but should allow for the decentralised verification of digitally signed interoperable certificates.”

This is a very positive statement from the EU, who have acknowledged that the decentralized approach is preferred, in principle. The question now is whether it can actually provide true interoperability, in practice.

And progress is now being made on this specific point at a rapid pace.

The World Health Organization has recently published a Release Candidate data model dictionary for Smart Vaccination Cards, found here. This means that the WHO has published a vocabulary that companies can use to talk and interoperate with each other. The WHO guidance covers 28 types of vaccines that the global society depends on, including Measles, Smallpox, Polio, Yellow Fever, COVID-19, and others. This is a huge step forward in creating globally functional digital Covid-19 vaccination or test statuses, and importantly, it is future proofed for other uses going forward.

Based on this development, the W3C Credentials Community Group has published a set of vocabulary, found here. And interoperability testing has already been demonstrated between companies, Spherity being one of them, found here.

This interoperability testing shows specifically three things:

  1. A test suite containing 28 vaccine types in the WHO vocabulary.
  2. 7 independent vendor implementations issuing and verifying each other’s WHO Smart Vaccination Cards.
  3. 1,623 passing tests demonstrating true interoperability.

This is largely a step in the right direction for decentralized identity systems and shows demonstrable progress towards a real working decentralized system for Covid-19 vaccination credentials.

And with the emergence of BBS+ signatures for Verifiable Credentials, and pertinent discussions in the recent Internet Identity Workshop on a unified Credential exchange protocol, wonderfully dubbed the Killer Whale Jello Salad, a truly interoperable end-state is nearing closer.

Concluding thoughts

At the beginning of this article, I explained that for anyone to be able to get on holiday safely, 4 points would need to be met. I will conclude by explaining exactly how these 4 points are being addressed by what is in the oven, and therefore, why society needs to prioritise these systems.

  1. Strong privacy preserving features

Decentralized architecture relies on data and trust being stored by an individual or decentralized storage container, and secured by cryptography, rather than solely by a government or central database. Although vaccination records may of course still be stored centrally, decentralized trust means that this central database will not have a log of every time an individual has tried to use their Covid status pass. This is the issue that the UK recently ran into, discussed earlier, which requested venue logs to be recorded in the central database.

2. Syntactic and semantic interoperability

As of 19th March 2021, there is now a vocabulary published by the World Health Organization which lays out how decentralized technology should be built, ensuring both semantic and syntactic interoperability. This interoperability has already been demonstrated by industry participants, such as Spherity, who can now process Covid status credentials via APIs, their cloud identity wallet and agent.

3. A robust governance model and ethical framework to avoid discrimination and a two-tiered society

The ethical framework, through which we scrutinise the effectiveness of the applied technology is crucial. And such a framework is not entirely clear yet. Such a framework will need to be decided by national governments and specific jurisdictions before any technology is launched into society.

There has been significant work done to ensure that the technical standards and implementations that decentralized solutions are built on are ethical. The Covid Credentials Initiative (CCI) Governance Framework, for example, which many companies in this space will follow, provides a list of principles and minimum standards that companies must adhere to, to ensure privacy, data protection compliance and non-discrimination. However, the certification of specific solutions and compliance of solutions against a specific ethical framework is something which is yet to be fully developed.

4. Flexibility to accommodate for changes in the virus response

Verifiable Credentials, the technical standard which underpins decentralized Covid-19 solutions are flexible and adaptable ways of recording data. Through specific innovations, such as selective disclosure supported by BBS+, they can enable specific business logic to be implemented which can accompany public health guidance in an adaptable way.

Flexibility is crucial for a few reasons:

  1. It enables Credential definitions to evolve alongside mutations and changes in the virus, discerning between variants via complex business logic if required.
  2. A model could be implemented, through business logic and technical agents, requiring say 60% of entrants to an event to be vaccinated, rather than 100%, accommodating for those unvaccinated without putting public health at risk. This largely dispels the idea of a two-tiered society through sensible governance and regulation, leveraging the power of decentralized architecture.

And finally…

“Hey sorry, I have one final question, this all sounds well and good, but WHEN will I be able to head to a sunny beach and get back into the REAL WORLD, thanks?!”

With the emergence of working interoperable Covid status credentials, demonstrated with the WHO vocabulary, the hold up is now largely not on the side of the technology. The hold-up is on national governments, proactively running tenders, explaining exactly what they want built and giving the green light to compliant companies.

Having had a peek behind the curtain, I believe that there is now a growing general consensus that decentralized identity solutions for Covid-19 statuses is the right way forward; although we are still many months away from a functional, international, credential-based system, which could act as the panacea.

For this reason, in the interest of time, it is likely that we will see clunky, unsecure and unethical systems sprouting up in jurisdictions in the near future, which cannot communicate with other countries’ systems.

But, we will see positive change, it is truly on the horizon, and Spherity will be at the heart of that change, bridging the spheres between the legacy systems of today and the decentralized architectures of tomorrow.

Spherity have developed their own Covid TestPass, built on decentralized identity standards, which gives far greater trust to Covid status attestations. In terms of reducing Covid transmission, we believe that an effective test pass is the most effective way of restarting society safely. This same technology can also be used for vaccination passes — with flexibility for vaccination credentials and test credentials to be bundled and presented together.

For more information on Spherity’s ReOpen Test & Vaccination Pass and how Spherity’s cloud identity technology can process Covid status credentials, visit our website.

Stay sphered by signing up for our newsletter, follow us on LinkedIn or Twitter.



Alex Tweeddale

Product Manager & Governance Lead at cheqd and specialist in the intersection between law & decentralised identity