An increasing number of people, understandably excited after finally receiving the Covid vaccine, have been posting photographs online of themselves and the paper cards which many countries are handing out to track vaccinations. For some the paper cards can carry a particular emotional weight, offering hope after a difficult year. For others, vaccination is just another commodity to flaunt on social media.
Regardless of the reason one might want to share photographic proof of their immunization, experts are warning against posting pictures of vaccination cards online. Not only do these documents contain personal information such as the patient’s full name, birthday and place of vaccination, but this practice also makes it easier for scammers to replicate the cards.
The growing prevalence of Covid vaccine scams raises serious concerns about how governments are preparing to handle the next stage of the pandemic—a phase where many people are vaccinated and eager to get back to normal activities. Despite some concerns coming from both governments and privacy activists, some kind of “vaccine passport” seems increasingly imperative.
Scams, Frauds and Hoaxes
The warning against posting vaccine cards online is far from being an extra precaution to a hypothetical threat. Across the world, an entire cottage industry of vaccine-related frauds has sprung up. In Ecuador, the police shut down a clinic offering fake Covid vaccines for the price of $15 per dose. Before the police intervened, more than 70,000 people fell prey to the racket and, worryingly, investigators are still unsure what the substance being injected into patients was. The United States has also been hit with a wave of vaccine-related cons, leading several media outlets to publish guides on how not to get scammed.
Across the pond, the British press uncovered a thriving black market that sold fake Covid vaccine cards on eBay for as little as £1.49. The scam falsely claimed part of the money collected was going to different NHS charities, further adding to their air of authenticity. The UK also saw the Covid vaccine used as bait for a classic phishing scam, where members of the public received SMS messages asking them to click on a link taking them to a fake, but convincing-looking NHS site which prompts the user for their credit card information. These scams, unfortunately, will always find a target as long as there will be people desperate to get the vaccine. A secure system to track legitimate vaccinations, however, could put many such scammers out of business and help hard-hit businesses and sectors like tourism.
Currently, most countries in the world require travellers to show proof of a negative Covid-19 test before allowing them to enter their borders. As more and more people are vaccinated and are seeking to resume their pre-pandemic lives, entry into foreign countries will become conditional on immunization. Though some activists have pushed back on the idea, this is far from a new concept. Several countries, including Argentina, Brazil, and Kenya, have required travellers to be vaccinated against yellow fever before visiting for years.
There is still no decision on how to implement this proof of vaccinations, in part due to questions about privacy and ethics, but the consensus is growing that the world needs vaccination passports. Greek Prime Minister Kyriakos Mitsotakis was one of the first EU leaders to propose such a document, as he is trying to ensure the survival of his country’s all-important tourism sector while also protecting the health of his citizens. In early 2021, European Commission president Ursula von der Leyen echoed calls for a “common vaccination certificate”.
Such a document would prove useful not only when travelling abroad, but would also help those who don’t plan on leaving the country. Given both the prevalence of Covid-related scams and a long history of fraudulent vaccination certificates for things like yellow fever, an official certificate with a high standard of security would put a dent in the wave of vaccination scams. Right now, as highlighted by the recent warnings against posting vaccine selfies online, vaccination cards are flimsy pieces of paper that can be reproduced with ease by any home printer.
As with any document that deals with personal information and medical history, privacy should be of the utmost priority. Whatever system is put in place must be technologically robust, difficult to forge, and carry strong limitations on who can access the information.
The New Yellow Card
While support for a vaccine certificate is growing among world leaders, many governments are still dragging their feet on developing such a scheme, making way for private companies to step in.
Swiss security expert SICPA, for example, is using its existing CERTUS digital seal technology to craft a blockchain-based system which would allow a quick and secure verification of both paper and digital health documents. The comprehensive vaccine credentialing platform can securely handle data such as Covid test results, vaccination status and more. The blockchain technology makes it impossible to forge the certificate or tamper with it in any way, avoiding the shortfalls of the legacy paper-based “Yellow Card”, long used in efforts to stop the spread of yellow fever.
SIPCA is already putting their technology to work in the maritime industry, where the freshly-signed “Neptune Declaration on Seafarer Wellbeing and Crew Change” pledges to establish a “standardized format for health passes that contain tamper proof information about vaccination and testing status”. In association with several maritime industry groups, SICPA has been engaged in a successful pilot project in the Philippines since late 2020. The success of the pilot makes it likely that the seafaring industry will seek to expand the program.
Governments and international organisations have been split on whether vaccine passports are necessary and what they should look like. With vaccination certificate scams springing up by the day and hopes of safe global travel making a comeback, however, it’s increasingly clear that policymakers need to get behind ways to securely verify who’s had a legitimate shot – and who hasn’t.