Don’t sweat it. I was just kidding - in an accurate self-assessed sort of way: I do realize I’m paranoid, which is what separates me from the truly bonkers 
1 Like
ok I found another very fast method, I uploaded the photo to my “dropbox”, I created a private link to the photo and copied the link, it works on both xseed and next, when scanned point ti link or photo
NB: i test it only on iphone
1 Like
2 Likes
I’ll leave this here if anybody is interested: finally a simple description of the data structure of EU digital COVID certificates (with a link to the public keys):
And here, a simple Python decoder:
And more interesting technical content:
https://blog.hqcodeshop.fi/archives/516-Decoding-EU-Digital-COVID-Certificate.html
Actually the Python decoder in that last link beats anything I’ve seen: it’s feature-complete and works beautifully:
3 Likes
I saw iOS 15.1 let’s you add your covid passport to the Apple Wallet. I wonder did this will help you in future quests since the Apple Wallet is an NFC wallet.
1 Like
Not the same thing.
There are plenty of apps that let you store your COVID certificate on your phone, as a convenience to present it to someone who requests it. But there are precious few that let ordinary people - i.e. not health officials, customs officials or some such - check the validity of their, or someone else’s certificate. Sometimes for obvious reasons: for example, in Belgium, it’s against the law for someone without proper authorization to request another person’s certificate.
This Apple app belongs to the former category of apps.
1 Like
Belgian update, there is an app to check validity:
Everyone can download it and use it 🤷 still need to double check with an id card to see if it matches though.
Oh nice, thanks!
That’s surprising from Belgium though. I had heard they didn’t want people to be able to do this.
EDIT: I just installed it and wow! It’s very complete and very informative. Best such app I’ve seen so far.
And you can tell it’s from Belgium: the first thing it does is ask you in what language it should be
I presented my COVID certificate to an event organizer for the first time today. Unfortunately, my main concern was confirmed: the NDEF containing an image of the certificate QR code is a stupid solution.
What happens is, when the person scans your implant with their phone, they get the smart poster containing the image of course. But then they can’t do anything with it: there’s no standardized mechanism to handle QR codes from any source. Unlike apps built to handle mimetyped data, apps that deal with QR codes always implement their own custom scanning and decoding code that always grabs images directly from the camera.
So the net result is, you have to scan the NDEF on your own phone, then present your phone to the person’s own phone. In other words, you may as well keep the QR code on your phone in the first place, or on a piece of paper. No implant needed.
In my case though, there was a silver lining: the event dude scanned my implant then scratched his head because he didn’t know what to make of it. But he assumed it looked so “medical” and official that it had to be legit. He literally told me “I didn’t know doctors offered COVID certificate as implants now! My app must be too old to verify it, but it’s okay, you can go through”. I sure didn’t elaborate on where the implant and its content really came from
So my certificate did its job, just not the way I intended.
3 Likes
What is the byte data contained within the QR code?
Long story short: it’s a base45-encoded zipped encrypted JSON, the public keys of which are published by the EU and used to validate the data without any need to go online. Really clever and secure actually. I like it.
But no app will take the base45 data. They all want to get it from a QR code image, usually grabbed from a camera.
Unless there was a DT app that could read it off of an NDEF. Hint hint
1 Like
You will be happy to know that I have fixed the NFC code in the EU COVID certificate verifier reference implementation app. It now successfully scans COVID certificates off of NDEF records.
Sooo… I will be submitting a patch to the developers, and since all national COVID apps in all European countries are derivatives of that reference app, all we EU residents will soon have officially the option of presenting our implants for scanning anywhere in Europe.
I’m mighty proud of that one
19 Likes
What the fuck? Really? This is epic!
Like legit the best usecase after payments right now!
I imagine this will spark some great discussions…
You should be!
1 Like
Yeah, you can try it if you want:
dgca_verifier_app-1.2.4-acc_NFC_FIX.apk (10.0 MB)
The certification keys might not work (i.e. it might tell you your certificate is not valid even though it is) but it scans NFC tags alright.
What you need is stick the QR code string VERBATIM (including spaces and all) on a plain text record in an NDEF. The string starts with “HC1…” usually.
3 Likes
That’s so cool!!
I thought that some of you were doing that to troll people. But I’m in a part of the world where no one is asking for vaccination certificates or test results…
1 Like
Troll people? How so?
If they don’t require at least some form of proof of immunity in your neck of the woods, you must live on the pampa, or in the Atacama, or somewhere really remote. Either that or your elected officials should be shot through the head for utter recklessness.
Even US states issue certificates, even if it’s not well standardized and organized like in Europe. And God knows if there’s one country on Earth that handles the pandemic like a quadriplegic on a trampoline, it’s Uncle Sam. I can’t imagine your own country can do any worse.
1 Like
I’ve never been asked for proof. I don’t get around too much, but seems like you get mostly through without being checked in Berlin 
As in “scan my hand, they are giving away chips with the vaccines” or something along those lines. Needless to say that doing this is an asshole move that can cause harm…
I don’t want to go down the political rabbit hole of how strict covid measures must be, etc… I just said that no one is asking for certificates where I live but we do have them.
2 Likes
Local circumstances differ of course. But at least here in Finland, there are talks of compulsory COVID certificate checking for any public venues like bars and nightclubs and such, as the country is slowly sliding into the red zone. Hence my trying to get this show on the road: I didn’t bother to get implants to have to present loose pieces of paper to have a drink.
In any case, if you fly, you’ll need a certificate to be allowed onboard an airplane without major hassle.
2 Likes