Negative test result retrieval code that ends in -Q2 is incorrectly rejected

[ruuda]

Describe the bug, issue or concern

I received a negative test result with a retrieval code that ends in -Q2. When I try to retrieve this code, the app says “This code is invalid. A valid code looks like this: BRB-YYYYYYYYY1-Z2.” I called the CoronaCheck helpdesk, who told me the code is indeed invalid and I need to call Testen voor Toegang. I called Testen voor Toegang, who connected me to the company that performed the test. They say the code is valid after all, and the app is wrong. They told me to create a paper certificate instead at coronacheck.nl/print. And indeed, that site did accept my code that ends in -Q2, and it did generate a paper certificate for me.

To Reproduce

Steps to reproduce the behavior:

1. Tap “Add new vaccination or test”
2. Tap “Negative test”
3. Tap “Other test location”
4. Enter your code that ends in -Q2.
5. Tap “Retrieve test result”
6. Observe the “this code is invalid” error.

Expected behavior

The code should be accepted.

Screenshots

Your app disallows capturing screenshots. Please disable screenshot inhibition if you want me to attach screenshots.

Smartphone (please complete the following information):

• Device: OnePlus 8 Pro
• OS: Android 11 (Oxygen OS 11.0.11.11.IN11BA), security patch level 2022-02-01.
• Browser: N/A
• Version 3.0.1 (3787) configuration 3c50ded, 17/03/2022, 17:32

Also, unrelated, your issue template includes the following, in the coronacheck-app-android repository:

**Desktop (please complete the following information):**
 - OS: [e.g. iOS]
 - Browser [e.g. chrome, safari]
 - Version [e.g. 22]

**Smartphone (please complete the following information):**
 - Device: [e.g. iPhone6]
 - OS: [e.g. iOS8.1]
 - Browser [e.g. stock browser, safari]
 - Version [e.g. 22]

Additional context

I can provide my full retrieval code if this is helpful. Please let me know which e-mail address to send it to.

Governance

• [x] I've read the contributing document https://github.com/minvws/.github/blob/master/CONTRIBUTING.md
• [x] I've read and understand the Code of Conduct https://github.com/minvws/.github/blob/master/CODE_OF_CONDUCT.md
• [x] I understand that any contributions or suggestions I made may make it into the actual code. I've read the License https://github.com/minvws/nl-covid19-notification-app-coordination/blob/master/LICENSE.txt and the contributor license agreement https://github.com/minvws/nl-covid19-notification-app-coordination/blob/master/CLA.md

[nicktencate]

Hi Ruuda,

Could you tell us the first 3 letters of the token? This identifies the test provider. They actually provided a code with an invalid checksum; documentation is available here.

We will contact them and see why their luhn check is implemented incorrectly.

[ruuda]

The first three letters are YCF.

[nicktencate]

Thanks Ruuda, I've asked our technical team to contact Spoedtest.

[ruuda]

I guess we can close this then if it’s a problem on their side after all, thanks for looking into it!