search

corona-warn-app / cwa-wishlist

Central repository to collect community feature requests and improvements. The CWA development ends on May 31, 2023. You still can warn other users until April 30, 2023. More information:
https://coronawarn.app/en/faq/#ramp_down
Apache License 2.0
105 stars 14 forks source link

Discourage "visual validation" of DCCs #769

Open Schinkentoast opened 2 years ago

Schinkentoast commented 2 years ago

Current Implementation

Currently, it is - at least in my experience - still common that DCCs are not scanned with CoVPassCheck-App, but employees / security personal ask users to open the details of the DCC and check them visually. There also is a fairly neutral info message next to the QR Code that states: "Dieser QR-Code lässt sich verlässlich mit der CovPassCheck-App überprüfen." Only after clicking the icon next to this message there is a statement that reads "Für Dritte reicht eine Sichtprüfung der Zertifikate nicht aus. Sie müssen in Deutschland die CovPass-Check-App benutzen."

Suggested Enhancement

1) Change the text of the message next to the QR Code to the message that is currently hidden under the information for "Zertifikatsprüfung durch Dritte", quoted above. 2) Display a warning above the details of the DCC, just as CovPass-App does: "Zeigen Sie diese sensiblen Daten nicht in Gaststätten, bei Veranstaltungen oder ähnlichen Situationen vor. Lassen Sie ihren QR-Code immer mit der CovPassCeck-App prüfen."

Expected Benefits

This would enhance privacy and possibly prevent usage of faked or doctored DCCs (by using screenshots etc).

Preview

Internal Tracking ID: EXPOSUREAPP-11546

larswmh commented 2 years ago

Thanks for your report @Schinkentoast. We have created an internal ticket for it and will raise this topic internally. Internal Tracking ID: EXPOSUREAPP-11546

Corona-Warn-App Open Source Team