How likely is a digital vaccine passport? Quite probable in some parts of the world. For example, Denmark has put forward plans to develop a digital vaccine passport, designed to identify those who have received the COVID-19 vaccine. Is this concept a force for freedom, allowing people to travel widely? Or is it an unwanted extension of state control? And what happens to the data held within the passport, and what are the risks if those data fall into the wrong hands?
The concept has, inevitably, attracted interest from technology firms, from facial recognition businesses to digital identity experts, as the BBC reports. But what of cybersecurity?
To look more deeply at the security implications of the digital vaccine passport concept, Digital Journal sought the opinion of Erez Yalon, senior director of security research at Checkmarx. Yalon has especially strong views on cybersecurity and the use of electronic medical records.
Digital Journal: What are the cybersecurity concerns with digital vaccine passports?
Erez Yalon: These ‘software passports’ present a variety of challenges pertaining to security and privacy. Some immediate considerations that should be taken into account include identification (“Who am I?”), or passport carrier identification: there will be a need to ensure that the individual carrying the passport is who they claim to be. This is relatively easy to solve if the process is done manually, where a person can check a picture or ID, but if it is required to be done automatically, there is a challenge.
DJ: Who can pull (read) the information?
Yalon: System user identification – Who will be allowed to check the data? Anyone? Police? Airline personnel? Bouncers at the doors of clubs and arenas? Authentication of system users, and the correct authorization, are needed to avoid malicious use.
Also, “who can push (write) information?” This is about system component identification. Such a system is complex when considering the multitude of responsible ‘contributors.’ Vaccination information is going to be submitted by various medical outlets including hospitals, public and private clinics, independent doctors and nurses, and more. These submissions will be communicated and reported to local, regional, and national medical centers that should eventually aggregate all information under one organization. Each step of the way must be correctly authenticated and authorized to make sure that data is added to the system only by individuals who are allowed to do so.
DJ: What are the data handling concerns?
Yalon: There is data transfer: the complex network described earlier requires the handling of a lot of “moving data” when being sent and received. It only takes one branch of this network not being secure enough to place the data at risk.
We also need to be concerned with privacy. Leaking data, especially medical data that is considered sensitive, can cause a huge issue of privacy breach. Considering these ‘software passports’ will potentially hold everything from medical information to travel logs to biometric data, the importance of placing privacy at the forefront is clear.
And there is integrity: if the transportation of data is not secure enough, it might be corrupted or forged, which could damage the integrity of the information and the entire system at large.
Finally, there is data retention. Even when not “on the move,” sensitive data needs to be protected and secured. Controls need to be implemented to ensure that the data cannot be accessed by malicious actors.
DJ: What happens if data needs to be shared?
Yalon: With data sharing and minimization, this is similar to what we saw with contact tracing applications: if individuals are not mandated to opt in to this digital identification system, then an opt-in / opt-out mechanism must be made available. Additionally, the PII data that is collected should be kept to a minimum, only gathering the essential information that makes this a viable solution.
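Three of the concerns raised in the interview, authorization of who may write a record, integrity of the record in transit, and data minimization, can be expressed as concrete checks on a credential. The following is an added example, not code from the interview or from Checkmarx; the issuer registry, keys and field set are constructed, and a per-issuer HMAC stands in for the public-key signature a real system would use, so that it runs with the standard library only.

```python
import hashlib
import hmac
import json
from typing import Optional

# Constructed registry of authorized issuers (who may "push" records): issuer id -> key.
# Assumption: a shared HMAC key stands in for the issuer's signing key; a real system
# would use public-key signatures so verifiers hold no secrets.
ISSUER_KEYS = {
    "clinic-north": b"constructed-key-north",
    "hospital-central": b"constructed-key-central",
}

# Data minimization: the only fields a credential is allowed to carry.
ALLOWED_FIELDS = {"subject_id", "vaccine", "dose", "date", "issuer"}


def canonical(payload: dict) -> bytes:
    """Deterministic encoding so issuer and verifier authenticate identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def issue(issuer: str, payload: dict) -> dict:
    """An authorized issuer attaches an integrity tag to a minimal payload."""
    extra = set(payload) - ALLOWED_FIELDS
    if extra:
        raise ValueError(f"fields rejected by minimization policy: {sorted(extra)}")
    if payload.get("issuer") != issuer:
        raise ValueError("payload issuer must match the signing issuer")
    tag = hmac.new(ISSUER_KEYS[issuer], canonical(payload), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


def verify(credential: dict) -> Optional[str]:
    """Return None if the credential is acceptable, otherwise the reason it is rejected."""
    payload = credential.get("payload", {})
    tag = credential.get("tag", "")
    if set(payload) - ALLOWED_FIELDS:
        return "unexpected fields"          # minimization policy violated
    key = ISSUER_KEYS.get(payload.get("issuer"))
    if key is None:
        return "issuer not authorized"      # unknown or revoked writer
    expected = hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return "integrity check failed"     # forged or corrupted in transit
    return None


if __name__ == "__main__":
    cred = issue("clinic-north", {"subject_id": "S-001", "vaccine": "constructed-vax",
                                  "dose": 2, "date": "2021-02-01", "issuer": "clinic-north"})
    print(verify(cred))  # None
```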