Vaccine passport applications: can Big Tech do better than contact tracing?

It could be Big Tech’s turned to breach pandemic solution tools after his failed attempt last year on contact tracking apps, which used Bluetooth technology to alert people if they were near someone who tested positive for the virus. These products were plagued by proximity measurement issues while maintaining data anonymity, notifications that failed to trigger, and slow adoption rates between states.

On paper, this latest effort should be much simpler, but businesses face a crowded app market and the potential for privacy concerns among some Americans.

Samsung recently announced that users of Galaxy devices can upload their immunization records from the CommonHealth app – created by the Commons Project Foundation, the same non-profit health organization that works with some airlines for proof of. vaccination – and store it in the Samsung Pay digital wallet. Unlike some apps which do not verify if downloaded vaccination cards are legitimate, users verify their identity and access their status with the pharmacy or health care provider that provided their shot.

“If Big Tech has specific applications that they are going to work with, it would drastically reduce the volume of application solutions that are currently flooding the market,” said Sam Gazeley, digital research analyst at ABI Research. “This would help to some extent by removing the risk of fraudulent certification of forged documents entering circulation.”

Some vaccine checker apps, such as New York’s NYC Safe app, have been criticized by some privacy experts for being a “dress-up camera app”, allowing users to upload photos of their card. vaccine – or whatever – and leaving the onus on business owners to determine if it’s real. (To date, countless counterfeit vaccine cards have been sold on the dark web and the U.S. Border Patrol. seized thousands of counterfeits.)

In addition to checking the status of the vaccine, apps such as the CommonHealth app and the New York Excelsior Pass app developed by IBM provide a scannable QR code for entry into different businesses. They do not display any personal information beyond whether that person was shot.

Some experts say companies like Samsung, Google and Apple could play an important role in bringing the private and public sectors together to create verifiable supporting documents.

“Tech companies are helping lead the way by surpassing US efforts on verifiable digital Covid-19 credentials, but perhaps more importantly, by storing portable digital data on consumer health in digital portfolios, ”said Donna Medeiros, senior research director at market research firm Gartner. “It means using cell phones to share our data in a standardized way when, where and with whom we want.”

In June, Google announced that Android users will be able to store various test results and vaccine statuses from healthcare organizations, government agencies, and organizations directly on devices. Meanwhile, Apple’s iOS 15 software coming this fall can store verifiable vaccine records and test results in its Health app.
Other vaccine review apps available in the Apple App Store go through a strict approval process. Apple only approves those well-known entities such as government organizations, health-focused NGOs, medical and educational institutions, and accredited health-related companies. Earlier this year, it released an update on health card apps to outline privacy requirements. Developers can use Apple’s PassKit framework to make these apps available on Apple Wallet.

Vaccine state apps have been quickly adopted in California, New York and Louisiana as more people download their data and store it on their devices, largely due to local governments requiring proof of vaccination to enter certain areas. It’s also an attractive effort for smartphone makers who don’t have to manage the process on their own.

Gazeley said serving as a storage solution is less risky than creating location monitoring software that is loaded with privacy concerns.

Make a mark

Last year, longtime rivals Google and Apple announced with much fanfare that they would work together to help governments track the spread of Covid-19 using Bluetooth technology. It was also set to be a potential tipping point in their long-standing efforts to gain a foothold in the healthcare industry. (Samsung did not have a contact tracing initiative).
Google and Apple’s apps designed to anonymously monitor where people were traveling, who they were with nearby, and alert them if they ever had been exposed to the virus. Ultimately, they were buggy, had privacy concerns, and weren’t widely adopted.

Amy Loomis, research director at IDC who closely follows future work trends, said Big Tech’s efforts to support vaccine health card applications are naturally better prepared for success.

“Language matters,” she said. “No one wants to be ‘tracked’ or tracked, but we show ‘proof of’ all the time – proof of employment with a badge, proof of legal age with a license.

“Even if [Apple and Google’s] the implication is limited to providing the storage solution for the certificate itself, many will associate it with the issuance by [the company] even if it doesn’t, “Gazeley said.” So that way, it pays them more than the attempts of the contact tracing app. “

Challenges ahead

Not everyone is convinced that Big Tech will succeed. According to Albert Cahn – whose experience upload a picture of mickey mouse to the NYC Covid Safe app as proof of vaccination went viral earlier this month – vaccine verification apps are opening up a Pandora’s Box of privacy concerns and are susceptible to counterfeiting, which could provide a false sense of protection when entering an establishment requiring a vaccine such as a restaurant or workplace.

“Tech companies have promised us exposure notification apps will stop the pandemic. They failed, ”said Cahn, founder and executive director of the Surveillance Technology Oversight Project and a fellow of the NYU School of Law. “Now vaccine applications will fail us yet again, and I fear they will permanently damage public confidence in vaccines.”

Vaccine passport applications are about to be everywhere.  it might get complicated

He said that the fact that some apps are easy to tamper with, not all citizens own a smartphone, and the lingering questions about how user data is managed will be limit the success of the tools. The main concern about privacy, he said, is whether location or medical data will be collected and stored and who will have access to that information.

The companies behind the many apps on the market have said they won’t store data, but perception might deter some nonetheless. (The issue has already been politicized this year. For example, Florida Governor Ron DeSantis banned the use of vaccine passports in the state in April, citing issues of freedom and confidentiality.)

The Vaccination Credential Initiative – which includes IBM, Microsoft, Salesforce, Oracle, Mayo Clinic, and the Commons Project – plays a key role in developing U.S. standards and guidelines for digital health passes. This requires that participating applications do not save the data on a central server or be aggregated, so that an issuer would not know a person’s location history.

Yet Cahn argues that the money states have spent on application development could be better used as financial incentives and paid time off for vaccine hesitants. His organization said New York’s Excelsior app cost nearly $ 27 million to develop, more than 10 times the project’s original budget. (The state told The New York Times that it has spent only $ 4.7 million to date and will only hit the full amount if the program is successful.)

“Despite all of these applications, the best proof of vaccination is still the laminated CDC card that I carry in my pocket,” he said.

Another major problem stems from the applications that each site or company decides to require for proof of vaccination. Meanwhile, Samsung declined to say whether it would open its digital wallet to applications beyond CommonHealth, but “without universal acceptance, the impact it will have on reducing the [app] noise will remain limited, ”Gazeley said.


Comments are closed.