How can you be 100% sure that...
(1) The citizen who’s showing you their paper COVID-19 Vaccination Record Card is who he says he is?
(2) The confirmation of vaccination has not been compromised while stored in the proper authority's database?
To deliver a paper certificate leaves the door open for fraud. And one does not need to be a career forger or a Photoshop beginner to make the couple of changes needed to take possession of another citizen's vaccination record card. Just a bit of correction fluid, a copier and voilà!
Also, to effortlessly obtain identity information from someone, by investing as low as $4 for one stolen record on the dark web (first name, last name, SSN, date of birth) or from phishing or vishing, is kind of business as usual for your average criminal and hacker out there.
There is the current way and the only way:
(1) It is crucial that the COVID-19 Vaccination Record Card be a verifiable credential in its digital form, instead of a piece of paper that can easily be compromised. Moreover, the credential must be shared with the consent of the citizen to which the document is associated.
(2) To indisputably prove the identity of the citizen who shares the certificate in its digital form is essential. The ID-proofing process must include the triangulation of an attribute pertaining to the citizen (for example, a photo ID) with a series of government-issued documents (driver's license, passport) all verified by the proper authorities as well as a form of advanced, unspoofable biometrics. Only then can the identity of the citizen reach the highest level of identity assurance per the NIST 800-63-3 guidelines, or IAL3.
(3) The same form of advanced, unspoofable biometrics is then leveraged to authenticate the citizen, when he shares electronically the confirmation of his vaccination for COVID-19 with an employer, a business (airlines, for example) or a government (to obtain a visa, for example). The advanced form of biometrics is leveraged, because it cannot be reproduced by a hacker.
(4) To store user data encrypted in a decentralized database like Blockchain that is virtually uncompromisable and that initiates peer-to-peer transactions while ensuring the immutability of the data stored is the answer to risks associated with systems hacking.
Our private Blockchain-based data storage architecture promotes trust between your organization and your employees for all accesses to your systems and internal applications.
Leveraging the BlockID Private Blockchain Ecosystem entails storing employees’ biometric information in a virtually incorruptible system to ensure they are who they say they are at all times throughout the process. Employees’ data stored in our distributed ledger aren’t subjected to data breaches.
The immutability of a distributed ledger is leveraged to record service provider-customer interactions. The document can never be modified, leaving an auditing trail, and therefore creating trust between all parties involved. Watch the video