
Post Pandemic, Technologists Pose Secure Certification for Immunity

Going digital with immunity passports could speed rollout and allow for better warnings of potential hot spots. But security and privacy issues remain.

With signs that the coronavirus pandemic is waning in several countries, world leaders have begun to consider how their economies can be reopened, with a focus on the large — and growing — group of people who have already survived infection and should be able to return to work.

Yet to do that, businesses and the government need to be able to identify and certify those who have gained immunity. Enter the concept of "immunity passports."

The promise of such immunity certificates is that people who have already had their bout with the novel coronavirus and gained immunity can go back to work because they are presumably protected against reinfection. Germany plans to introduce immunity certificates for citizens who have been exposed and are now immune. China has already implemented a red-amber-green system that classifies citizens according to the risk they pose to others. And in the United States, immunity cards are being considered, Anthony Fauci, director of the National Institute of Allergy and Infectious Diseases, told CNN.

While paper certificates may be an option, a digital certificate will likely be preferable. Already, China has deployed such certificates to its citizens' mobile devices. It's likely that other countries will do the same, making the infrastructure easier to roll out and maintain but raising the possibility of privacy and security issues.

"This can be a catalyst for how best we can use technology to help us, if done in the right way," says Husayn Kassai, CEO of digital-identity startup Onfido. "We can't argue with the fact that the Chinese model is effective — if your phone cannot say you are green, then you cannot be out — but there is zero privacy. There does not need to be a trade-off, however. You can offer all those benefits and have a privacy-first approach with a decentralized model."

For decades, decentralized systems that rely on certifying attributes — such as that the bearer is old enough to consume alcohol — as opposed to identity have been a dream of privacy-conscious technologists. Cryptographer Stefan Brands built on efforts by David Chaum to create the technical underpinnings needed for anonymous credentials in the 1990s and early 2000s. While digital tickets for events and gift certificates have adopted some digital certificate technology, neither attests to an attribute of the bearer nor disconnects the use of the certificate from the identity of the user.

Anonymous certification of immunity could be the first widely used application to do both.

Yet digital immunity certificates also pose a number of challenges in terms of infrastructure, education, and economics, says Kayne McGladrey, chief information security officer at prototyping firm Pensar Development and a member of the IEEE, the world's largest technical professional organization.

"Businesses and organizations would need to ... educate their workforce on how to validate that a certificate was correct," he says. "And there would need to be a substantial educational investment to combat the inevitable phishing campaigns that’d spring up, such as fake websites to collect personally identifiable information and fake security alerts associated with these digital certificates."

The basic infrastructure of a privacy-preserving architecture would include a public-key certification infrastructure that verifies approved test kits, certifies the results either remotely (for a home test kit) or through a provider (at a doctor's office or clinic), links the result to a credential stored on the user's mobile device, and then provides the public version of the certificate to others when approved by the user.

Getting it right is necessary because if an immunity certification is needed to return to work, cheating could become an issue, says Onfido's Kassai. The company has gained new funding to apply its artificial-intelligence technology for verifying identity to, among other applications, the positive identification of people taking a coronavirus test by matching a photo ID with a selfie.

"Let's say a testing kit arrives at my house — the question is how do I prove that I was the one that was tested?" Kassai says. "And if you are out and you are asked to show your certification that you are immune, you need to be able to re-authenticate with your face."

All the components of the infrastructure for a digital passport exist, but creating open standards and certifying tests are both hurdles that need to be overcome, says Jasson Casey, chief technology officer for Beyond Identity, an identity provider aiming to ditch passwords.

"There are a lot of details that do not have to do with technology, but more with the chain of custody, that have to be addressed and handled," Casey says.

Other problems exist for any immunity passport system, whether digital or paper-based. The number of false negatives — people who initially test negative for COVID-19 even though they have the virus — may be higher than scientists believe, making the re-evaluation of a certification a necessary element. Digital credentials could more easily be rescinded if a class of testing is found to be too inaccurate.

In addition, how long immunity to the novel coronavirus lasts is still an open question. People only retain immunity to the common cold, which is also caused by the same category of viruses, for a few months. Any immunity certificate infrastructure would therefore have to support an expiration date on the certificate.

Finally, because the digital certificate has to do with health information, privacy becomes a major issue, as does who can request access to the certificate.

"Off the cuff, people will say certainly I don't mind saying I'm COVID-free, but we don't know what stigmas might come or go in the future for those infected by COVID," says Beyond Identity's Casey.

Yet, if done correctly, immunity certification could help jump-start the economies of many nations and prove the concept of digital credentials, he says.

"Attestation to claims prior to this, honestly, has always felt like something that it is nice to have. This is clearly different," Casey says. "Some very large percentage of the US workforce is sitting at home. If this is an enabling capability to get them back out the door, that is a much stronger use case than giving people the anonymous ability to log in to an 18-plus site."


Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline ...
