Following the scandal with the Meineimpfungen.ch platform, Xplain, who has been working with the Swiss authorities for 20 years, proposes the use of ImmuvID, whose technology is now ready for use and interoperable with the EU Green Digital Certificate, allowing Swiss citizens to travel freely through Europe
The scandal, that has exposed the ease of access to private data hosted on the digital vaccination platform Meineimpfungen.ch demonstrates the need for “trusted and experienced enterprise technology”, said Andreas Loewinger, CEO of Xplain, a Swiss technology company that has worked for the past two decades with border control agencies and other Swiss authorities. Xplain is co-creator, together with Marino and Nexplain, other European technology companies, of its own technology for the verification of test and vaccination against Covid-19 that guarantees the protection of privacy and now makes it available to the Swiss Government.
This week, the Swiss authorities were forced to suspend the operation of the Meineimpfungen.ch platform (mesvaccins.ch, lemievaccinazioni.ch, myvaccines.ch) after a security breach was discovered due to the technology used. Researchers found that data from 450,000 people vaccinated, including 240,000 against Covid-19, were compromised. “The vaccination data are open like a telephone book,” the researchers reported. Not only that, but the data was easily modifiable by those who registered on the platform identifying themselves as a doctor, something relatively easy for anyone with simple computer knowledge. Not only the Federal Government, but also the nine-canton authorities maintained contracts with the foundation that has developed Meineimpfungen.ch and related applications.
Andreas Loewinger sees the decision taken by the Swiss authorities in deactivating the page and bringing to public competition the development of a new technology as a positive step in the right direction. Xplain participates in this competition with his ImmuvID technology in which it has been working for a year drawing on experience of twenty years in the field of Homeland Security and border control.
Through a simple interface on top of a secure technology stack, ImmuvID allows companies and institutions to certify, in a matter of seconds, the vaccination status or validity of a COVID test (whether PCR, antigens or otherwise), as well as verify the identity of the person presenting it by biometric control.
“ImmuvID is based on the concept of ‘sovereign identity’, that is, your data belongs to you and only you decide when or with whom to share it,” says Pieter Louw of NeXplain, another company involved in the project. Personal and health data is not stored by ImmuvID, but those who must verify it do so by simply reading the information, without downloading data. This is done through an encrypted pairing with the institution that has performed the test or vaccine and that returns information on whether or not the QR read certifies the validity of the test or vaccination, without exchange of personal data. In this way, data from vaccinated people cannot be accessed.
Over the past few months, Xplain has experimented with several technologies until deciding on one that scrupulously complies with the EU General Data Protection Regulation (GDPR). The new Swiss digital vaccination card would thus be compatible with the Green Digital Certificate being developed by the European Commission, which negotiates with Switzerland on how to incorporate its citizens into this system. Since ImmuvID technology, (also available as a white laber platform), can be integrated or can integrate other applications and platforms, Switzerland’s vaccination card would allow Swiss citizens to travel freely through Europe once the new system enters into force.
In fact, ImmuvID, as a digital vaccination card, could also be integrated with Xplain’s EneX technology, which is already in operation in Switzerland for the reading of passports and other identity documents at the federation’s border controls.
Xplain and his partners find themselves in talks with the governments of four European Union states to implement their technology. Also with national and local authorities from other countries outside Europe and with various companies ranging from the organization of Fairs and Congresses, to airlines and hotels. The goal is to create corridors and bubbles that allow you to safely resume mobility.
ImmuvID is part of The Vaccination Credential Initiative, together with Microsoft, Oracle and other large technology companies that, together with health agencies and non-profits, aims to create a secure, verifiable method that preserves privacy to access your vaccination credentials. It is also part of the Good Health Pass Collaborative, where leading companies and organizations in the technology, health, and travel sectors work to create a blueprint for interoperable digital health credentials to help restore global travel and restart the global economy.