Jo-Achim
commented
3 years ago An unpleasant additional problem ... different EU vaccination certificates with different QR codes for one and the same vaccination and person!
Please verify.
There are different EU vaccination paper certificates (1) for one and the same vaccination of the same person, which can or lead to different results when the certificate is checked by the CWA with regard to entry requirements!
(1): EU certificates with "QR code left and text right" (old) and "text left and QR code right" (new).
Technical details:
Samsung Galaxy Note 10, SM-N970F/DS Android 11 (One UI 3.1) with Android security update: 01. July 2021 Google Play-Systemupdate: June, 1st, 2021. CWA Version: 2.6.1 ENF: 18212418000 / 18212621000
Describe the problem:
I have two different EU vaccination certificates for myself (with identical dates); once in the 'version old' (QR code on the left and text on the right https://github.com/corona-warn-app/cwa-app-android/issues/3514#issuecomment-865872016) and once in the 'version new' (text on the left and QR code on the right; see PS below); downloaded from my account at the local vaccination center. Actually, I assumed that the QR codes were identical in each case - after all, as I said - it is the same two vaccinations. 'Old version' of the EU vaccination certificates was downloaded on June 21, 2021; 'Version new' on 07/30/2021.
Due to @vaubaehn's post, I have tested my two scanned EU vaccination certificates ('version old' and 'version new', each certificate from sheet 2/2, BionTech) with the entry date "09.08.2021T14:00:00Z" for the Netherlands and get different results!
Result (EU vaccination certificate, 'version old' (QR code on the left and text on the right)):
Result (EU vaccination certificate, 'version new' (text on the left and QR code on the right)):
Steps to reproduce the issue:
For the EU certificate 'version old' (QR code on the left and text on the right):
- Select "Certificates"
- Select your 'old certificate' (2/2): scroll down, check the URN with paper print to be sure to have the old certificate!
- Check validity of DCC against Netherland rules for entry time 09.08.2021T14:00:00Z
- Result: “Result (EU vaccination certificate, 'version old')…”; see above.
For the EU certificate 'version new' (text on the left and QR code on the right):
- Select "Certificates"
- Select your 'new certificate' (2/2): scroll down, check the URN with paper print to be sure to have the new certificate!
- Check validity of DCC against Netherland rules for entry time 09.08.2021T14:00:00Z
- Result: "Result (EU vaccination certificate, 'version new')..."; see above.
Selecting the certificates:
Additional context:
I cannot check and evaluate what is normal, wrong or right here - in this respect I would like my post to be understood as a reference to be checked.
However, it might be helpful to have a hint for the user that says which of his EU vaccination certificates - if the user has several - should be used. At the moment it seems clear: the newer (currently the one with the “text on the left and QR code on the right” (new); see above) should be used. But then it also applies: if you have the EU certificate "QR code left and text right" (old), you should get a newer one. And what if more versions of the EU certificates come out with further QR code changes?
Possible Fixes:
Due to the different sizes of the QR codes (hopefully there are more unique version numbers in the QR code or similar) between "QR code left and text right" (old) and "text left and QR code right" (new) it could be determined which version the scanned EU vaccination certificate is. A note could be derived from this stating that the EU vaccination certificate should be renewed. If relevant, the CWA could even check itself whether the stored certificates are stored in the current version of certificate.
Derived from the size of the QR code (or clearer version differences), the standard QR code displayed / used by CWA could be the most current / valid in each case. Unfortunately, the QR code of the first scanned, i.e. older, certificate is currently displayed by default.
Alternatively, it would also make sense to simply advise the user to delete their old QR codes. However, these should then be marked in some way.
...
Overall, however, I cannot evaluate whether my mentioned 'possible fixes' represent sensible, permanent solutions.
In this sense, best regards, Joachim.
PS: The Links “DCC Certificate of Recovery“, ”DCC Test Certificate“ and “DCC Vaccination Certificate” in https://github.com/Digitaler-Impfnachweis/certification-apis/tree/master/templates are actually wrong: error 404.
MikeMcC399
dsarkar
Ein-Tim
Avoid duplicates
Technical details
Describe the bug
When DCCs are validated against the business rules of countries of arrival (CoA), CWA (and other wallet apps) need to show an "open status screen", when at least one rule could not be validated due to schema version mismatch between DCC schema version and business rule schema version. For example, as of today (07.08.2021) the Netherlands are providing business rules for vaccination certificates with schema version 1.3.0, while many vaccination certificates in Germany have been issued with schema version 1.0.0. In result, CWA currently shows for vaccination DCCs (issued before July 1st) an "open status screen" when validating against NL business rules, where every business rule is displayed for the vaccination certificate to be able (for human beings) to verify, if every rule nevertheless is compliant with requirements for vacc. DCCs set up by the NL health authorities.
But now NL added some rules for test certificates (TR-NL-0005, TR-NL-0006), where the schema version is set to "1.0.0", while other business rules for test DCCs are still schema version "1.3.0". All business rules with schema version 1.3.0 are resulting in a status "open", and they are displayed accordingly in CWA's validation information screen. But rules that pass validation with status "pass", are not shown at all. It would be expected, that in case some rules pass but other rules are "open" that CWA shows all rules with their related DCC content, so that the human user is able to validate its complete DCC against information found on https://reopen.europa.eu .
By the way: the other way round it's working well: when one rule fails while all other rules are "open", then CWA shows all results correctly (failed rules on top, open rules below), see https://github.com/corona-warn-app/cwa-documentation/issues/671#issuecomment-894494672. So "fail/open" is correct, "pass/open" is not correctly displayed.
Steps to reproduce the issue
Expected behaviour
When checking validity of DCC against Netherland rules between/for entry time between 09.08.2021T10:01:00Z and 10.08.2021T10:00:00Z, the rule TR-NL-0006 should be displayed as either "passed" or also as "open", when using DCC you find above.
Possible Fix
Align logic to display validation results with mixed rules "pass/open" to the logic "fail/open".
Additional context
You'll find the related NL business rules here: Acceptance_Rules-NL-20210806.json.txt Pay attention to rules TR-NL-0006 (for antigen test used here) and TR-NL-0005 for NAAT.
Internal Tracking ID: EXPOSUREAPP-8909