WISeKey, OISTE.ORG and the Trust Protocol Association to Help Health Organizations Deploy a Covid-19 Trusted Health Passport on the Blockchain
The purpose of the Trust Protocol Association is to establish a new Trust Protocol for the Internet combining traditional Cryptographic Trust Models with distributed blockchain ledgers creating a new Global Trust platform.
The mission of the Association is to create an ecosystem of governmental, technology and business partners, each representing a node with the possibility to have multiple nodes per country.
Blockchain-based solutions aim to override the need for a central authority by distributing information previously held in a centralized repository across a network of participating nodes. While Blockchain is not owned by one individual or organization, anyone with an internet connection (and access, in the case of private Blockchains) can make use of it, help maintain and verify it. When a transaction is made on a Blockchain, it is added to a group of transactions, known as ‘blocks”. Each block of transactions is added to the database in a chronological, immutable chain. Each block is stamped with a unique cryptographic code, which ensures that records are not counterfeited or changed. The Blockchain approach lacks legal validity in most jurisdictions, which only recognize the digital signatures as equally valid that manuscript signatures when generated using traditional PKI technology.
The Trust Protocol Association is working with a number of members in USA, Asia MEA and Europe to deploy a fully compliant Trusted Health Passport using the WIShelter Version 2, a new application in the WISeID App ecosystem, designed to remediate risks during the global COVID-19 lockdown period. Using their digital identity secured by WISeKey, users will be able to geo-localize other certified users and stablish secure communications. If needed, the app allows users to prove to local authorities that they are respecting the stay at home recommendations. To ensure the data privacy, each user’s Personal Identifiable Information is kept encrypted and never disclosed without their consent.
WIShelter app is based on WISeID, WISekey’s Digital Identity platform and combines in a unified solution a suite of web services and mobile applications:
- The WISeID Account: a digital identity with a unique credential that can be used to access all of WISeKey’s services and other affiliated services
- A Digital Certificate: offers strong authentication and digital signatures which can be also used to protect users’ email and communication during Teleworking
- A Personal Encrypted Vault: provides secure storage of confidential information, including the medical details
The new features of the WIShelter Version 2 include a full health digital certificate that is imported into the App by connecting it to the medical record of the patient issued by a bona fide qualified health certification program on which Doctors and Medical Facilities can join.
The App’s secure QR Code provides access to the user’s WISeID Health Card. The QR Code is displayed in three colors:
– Green: the person is healthy
– Yellow: the person’s health is compromised
– Red: the person has a health problem
The WISeID Health Card includes important medical details like blood type, allergies, and other medical conditions, and can be enriched with digital health certificates, as it’s the case of the result of an official COVID-19 test.
This simple method to display the Health Card could allow law enforcement and other public services to apply controls during the de-escalation phase of the pandemic.
All health details are encrypted and linked to the user’s identity, represented by a Digital Certificate. Encrypting this data is important to protect user’s confidential information and ensuring that the user is staying up-to-date with its health credentials, and is in compliance with all privacy requirements, like the European General Data Protection Regulation (Directive 95/46/EC), known as GDPR, the primary law regulating how companies protect EU citizens’ personal data.
WISeKey is a fully Qualified Trust Service Provider (TSP) under eIDAS, the updated EU regulations dealing with trusted eID and electronic transactions and Webtrust.ORG.
WISekey is currently working with several governments and health organizations to add functionalities to the WIShelter app such as the ability for users to upload and digitally certify the results of their COVID-19 test. These functionalities will allow local governments to enable healthy/immured persons to safely return to their jobs thus reduce the economic impact of the epidemic while protecting the high-risk population by controlling the spread of this infectious disease.
For almost two decades, WISeKey has contributed to the design and implementation of global standards for the internet’s long-missing identity layer: decentralized, point-to-point exchange of information about people, organizations, or things – enabled by blockchain and certified by cryptographic Root of Trust. WISeKey’s technology, products and services can be used by individuals and organizations.
To that effect, WISekey has launched an enhanced version of WISeID, adding easy to use strong authentication and email security capabilities that can remediate threats like phishing, ransomware or identity theft. Strong Authentication is a mechanism able to enhance security by complementing the traditional username/password access to online services with additional security factors, like biometry, hardware tokens and one-time-passwords. Additionally, secure eMail techniques allow confidential messages to be exchanged encrypted, and to affix a “digital signature” to the outgoing email, ensuring the recipient that the message comes from a genuine person and that has not been manipulated in the way.