Vaccine Passports, how do they really work?  

When I really think about it, I got my first Vaccine passport when I was a baby. My mom took me to the doctor, he/she inoculated me against Polio and a host of other contagions and gave me a little yellow book that got filled every time I collected another “shot in the arm”.  That little yellow book had some problems though, nothing “could” stop me from writing new information into it, if I wanted. There was no way to really prove it was an official record. And if someone were to read it, they would know my entire vaccination history! 

Ontario seems to be leaning towards introducing a vaccine passport for residents. The announcement is expected sometime this week. British Columbia and Quebec have already launched similar passports. The question is, what will Ontario’s new system look like and how will it differ from the current system?  How does a vaccine passport actually work, and why is it so much safer than the little yellow book? This is a perfect use case for why digital credentials are superior to digital signatures. 

What Ontario has now (it’s more than you think) 

When you received your shot, you were sent an email that contained a copy of your vaccine certificate detailing information on the vaccine you were given (the name, the dosage, and the number of doses received, among some of the details provided). The certificate contained in the email was digitally signed, which means it could be proven to be authentic. Proving its authenticity, however, would be a difficult and technical process that most people would not be able to do on their own without special software. It also means that the printed version, or hard copy, can not be validated. This could lead to people being able to forge their passport, since it would be difficult to validate.

Picture of Ontario digital certificate currently attached to vaccine certificates 

Ontario digital certificate attached to vaccine certificate

However, the Ontario Certificate does not have a “full chain of trust” which means that it cannot be verified that the certificate actually came from an Ontario health region. Below is the picture of what happened when we tried to validate the signature on the current Ontario certificate:

Signature Validation of vaccine certificate

The same problem occurs on many digitally signed documents, which is why Vaultie created a blockchain-based digital signature to help Lawyers and Financial institutions prevent fraud on documents.  

How does a vaccine passport work?

A vaccine passport adds two technologies to a traditional digital signature that both prove the authenticity of the document, and that the person using the document is the same person the credential has been issued to. What are the key components of the technology?

Verifiable Credentials – A verifiable credential is a digital instrument that is issued by one party (the issuer) to another (the credential holder), and can be wielded autonomously by the credential holder. Similar to your Driver’s license, issued by the government, which you can keep in your wallet and show to whomever you like, you can store your credential digitally, on your phone, or in a digital wallet. The fact that you are storing it on your phone, means that nobody else can see it, access it, or alter it unless you share it with them.

Blockchain – A blockchain is kind of like a giant book of records, that is continuously monitored by a series of computers. They don’t hold your credential, but they do hold a record of how that credential can be verified. For a vaccine passport, that means the information can be verified by any user with access to the Blockchain.  

 You’ll be able to present your Passport via a QR code, that can be scanned by any phone.  Let’s say, for example, that you are going to a baseball game. It’s pretty obvious that the Blue Jays don’t need to keep a copy of your vaccination history. They’ll be able to scan your QR code, see that the credential has actually been issued by the Ontario government, see that it’s actually your credential, but will not be able to keep or even store that data. As soon as you walk through the gate, they lose that information. It was only there to prove, for that brief second, that you were in fact vaccinated. 

 More than just vaccines 

This is actually a pretty revolutionary technology, because it can be applied to so much more than just your vaccines. The same technology can be applied to digital driver's licenses, health cards, and legal documents such as contracts and notarizations, and even wills. This means that we can now prove that a  document is both real, and only wielded by its intended users and those they choose to share it with. This gives you unprecedented security and control over your most sensitive information.  

To learn more about how we’re revolutionizing your safety on legal documents check out our website.