Abstract
Goal: As the Coronavirus Pandemic of 2019/2020 unfolds, a COVID-19 ‘Immunity Passport’ has been mooted as a way to enable individuals to return back to work. While the quality of antibody testing, the availability of vaccines, and the likelihood of even attaining COVID-19 immunity continue to be researched, we address the issues involved in providing tamper-proof and privacy-preserving certification for test results and vaccinations. Methods: We developed a prototype mobile phone app and requisite decentralized server architecture that facilitates instant verification of tamper-proof test results. Personally identifiable information is only stored at the user's discretion, and the app allows the end-user selectively to present only the specific test result with no other personal information revealed. The architecture, designed for scalability, relies upon (a) the 2019 World Wide Web Consortium standard called ‘Verifiable Credentials’, (b) Tim Berners-Lee's decentralized personal data platform ‘Solid’, and (c) a Consortium Ethereum-based blockchain. Results: Our mobile phone app and decentralized server architecture enable the mixture of verifiability and privacy in a manner derived from public/private key pairs and digital signatures, generalized to avoid restrictive ownership of sensitive digital keys and/or data. Benchmark performance tests show it to scale linearly in the worst case, as significant processing is done locally on each app. For the test certificate Holder, Issuer (e.g. healthcare staff, pharmacy) and Verifier (e.g. employer), it is ‘just another app’ which takes only minutes to use. Conclusions: The app and decentralized server architecture offer a prototype proof of concept that is readily scalable, applicable generically, and in effect ‘waiting in the wings’ for the biological issues, plus key ethical issues raised in the discussion section, to be resolved.
Highlights
T HE Coronavirus/COVID-19 pandemic of 2019/2020 is still taking its terrible toll as we write this [1]
We focus on the design and implementation of a prototype mobile phone app and requisite decentralized server architecture, intended to facilitate verification of tamper-proof test results
We use a ‘Consortium blockchain’, shown in Fig. 2(B) as circles: this is not a fully public blockchain like Ethereum or Bitcoin, but rather a blockchain shared by a Consortium of known providers who have signed up to the Ethics Guidelines we describe in the Discussion Section
Summary
T HE Coronavirus/COVID-19 pandemic of 2019/2020 is still taking its terrible toll as we write this [1]. Tests for the presence of antibodies could offer a way for people who can prove COVID-19 immunity to go back to work [2], [3]. There are, challenges concerning the biological premise of ‘immunity’: the strength and longevity of COVID-19 immunity after infection are matters of current debate and research, as are the sensitivity and robustness of the relevant tests [4], [5] and the race to develop a viable vaccine [6], [7]. Given the scale of the pandemic and financial fallout, it is plausible that ‘COVID-19 antibody test / vaccination certification’ ( ‘CAT/VC’), if shown to be robust, will be in great demand. A digital certificate makes the most sense, provided that it can be: (i) Privacy-preserving (because as proud as the holder might be of new-found ‘immunity’, personal data can be re-purposed in unpredictable ways [10]), (ii) un-forgeable, (iii) easy to administer, (iv) verifiable while still preserving privacy, (v) scalable to millions of users, and (vi) cost-effective
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
