Feature Request: ability to "merge" certificates from two (or more) different EU states

[lc-nyovchev]

I have had my jabs in two separate EU states:

• first one in the Netherlands
• second jab in Poland

Since the healthcare systems of both countries are disconnected, in both cases the cert says the following:

Vaccine dose: 1 out of 2

And as a result, I have two certificates, both incomplete. A deeper look in the data shows the following: (check this file out for the specification of what each field means):

{
    "dn": "1", // obviously, because both countries think this is my first jab 
    "sd": "2", // cause it's 2 vaccines you need in both countries in order to be fully vaccinated
    "mp": "Comirnaty", 
    "dob": "<My date of birth>",
    "fn": "<My full name>" ,
    "co": "<NL or Poland>" 
}

What I'd expect is that everything being the same (including my name and dob), these 1/2 doses from the two different EU member states should be detected to make a single valid certificate. After all, 1 + 1 is 2, right?

[goebelUB]

Unlike some other apps (e.g. the German ones), the Swiss app currently does not group or merge certificates at all, no matter the issuer.

Instead, it considers each certificate individually and runs a set of validation rules against them. Your first cert is thus considered invalid because on its own it is lacking one additional dose. The second is considered valid because it shows that you have received "full protection". There is some implicit trust that the issuer only issues a cert with dn=2 if you indeed received the first dose at some point.

I haven't checked, but I would be surprised if other apps actually consider all certificates in a group during validation, as opposed to also validating each cert individually and simply displaying the result ("valid!") for the "best" one within the group (e.g. Germany's CWA shows test certificates first).

I think it really comes down to a UX/design decision: what do you want to show and how? (Related: #215) No grouping? Group related vaccination certificates? Group by person? Currently CH went for complete separation while e.g. DE decided to go with grouping by person.

[lc-nyovchev]

I totally understand your point and I like the idea of treating each certificate separately.

I have briefly checked against the validation rules, but I think the problem is for most of people who got each vaccine in a different country, the certificates look like that:

Jab1

{
    "dn": "1",
    "sd": "2", 
    "mp": "Comirnaty", 
    "dob": "<My date of birth>",
    "fn": "<My full name>" ,
    "co": "Country 1" 
}

Jab2 (in a diff country)

{
    "dn": "1",
    "sd": "2", 
    "mp": "Comirnaty", 
    "dob": "<My date of birth>",
    "fn": "<My full name>" ,
    "co": "Country 2" 
}

Since both jabs are 1/2, none of them individually would be enough to consider that I am fully vaccinated. Which basically means that any certificate that's having dn:1 is useless. Even if I had vaccinated in 5 separate places, as long as they don't say "dn:2", having 5 of them is worse than having a single one that has a dn: 2. Is what I am saying correct?

[goebelUB]

Ah I see! I thought the first was 1/2 and the second was 2/2, thanks for clarifying.

In the wallet app handling this case is technically possible, by matching the name/dob/vaccine details as you suggested. The main problem I see is with the verifier app: it requires changing the UX flow quite a bit since you then need to scan multiple QR codes.

Of course ideally country 2 would have checked your first certificate and put 2/2 in the second one.

In Switzerland the national or cantonal hotline helps with revoking and re-issueing certificates in cases where e.g. the medical staff did a typo in the name when entering the personal details. Maybe there's a hotline in your country 2 that can issue you with a corrected certificate? After all, you can argue that technically the entry in the second cert is wrong.

I'll raise this with the team to discuss what we can do. However I don't think this case is widely supported across other European verifier apps or event ticketing apps (example in German). So getting another certificate might be the easiest short-term option.

[lc-nyovchev]

Thanks for the quick response!

In the wallet app handling this case is technically possible, by matching the name/dob/vaccine details as you suggested. The main problem I see is with the verifier app: it requires changing the UX flow quite a bit since you then need to scan multiple QR codes.

That makes sense. I haven't thought of the verifier app where indeed the flow would change quite a bit :(

Of course ideally country 2 would have checked your first certificate and put 2/2 in the second one.

Totally! I was really surprised when the government workers in Poland themselves, for example, couldn't make it to be the second dose (the interface of their app blocked that possibility, since I was were not registered in their system for having had my 1-st jab). I've heard that the same situation is with Greece as well (you can't have a jab claiming to be 2-nd unless you've had your fist jab in the same country). I guess not many people are in that situation :)

In Switzerland the national or cantonal hotline helps with revoking and re-issueing certificates in cases where e.g. the medical staff did a typo in the name when entering the personal details. Maybe there's a hotline in your country 2 that can issue you with a corrected certificate? After all, you can argue that technically the entry in the second cert is wrong.

Indeed! That's, of course, the real solution: having the correct certificate itself. I think even showing two 1/2 certiicates at a border should be sufficient but it doesn't hurt having the right certificate in the first place anyway.

However I don't think this case is widely supported across other European verifier apps or event ticketing apps (example in German) Correct! I have gone through a couple of apps:

• Dutch
• German
• Danish
• Polish
• Swiss (this one)

And this app (along with the German) give the biggest amount of flexibility/usability, but none of them so far manages to recognize that two 1/2 for the same name and dob but a different country actually account to having a full vaccination.

ll raise this with the team to discuss what we can do... So getting another certificate might be the easiest short-term option.

I myself will most certainly indeed apply for them to reissue the "correct" type of certificate. However, I still owe you a big thank you for your time and your willingness to raise it with the team! If after that discussion you find out the issue is not worth the extra development complexity, please feel free to close the issue.