Don’t Share Your Covid Vaccination Certificate
So you’ve had your Covid vaccine and you’re feeling relieved, ready to rumble, and maybe even a little smug. How best to let your friends and family know that you’re out of quarantine? Publish the certificate on Facebook of course! Share it on Instagram. Tweet it! Let the world know you’re coming out!
NOOOOOOOOOOOO. PLEASE DON’T!
The vaccination certificate has two QR Codes that make it fairly easy for clever hackers to scan and steal your personal data to forge a health pass.
Information supplied on this piece of paper gives your first and last name, date of birth, date of injection and product injected. Sounds pretty harmless. But there are two other important elements on this document.
The first, on the left of the document, is a ‘datamatrix’, a 2D-DOC code which certifies the authenticity of the proof of vaccination.
This code can be scanned quite simply using a smartphone camera to reveal the information above
The second, to the right of the certificate, is the QR Code, intended for use on the government application TousAntiCovid. This also allows easy access to your personal data and gives hackers the possibility of impersonating you. (For example, somebody with Covid could present your QR Code, enter a venue and pass the virus on.)
Hackers could also use that info in email scams, pretending to be a trusted medical service providing specific information about your vaccination, lulling you into a false sense of security.
From June 9th, the vaccination certificate will be used as a health pass into festivals, stadiums, concerts, theatres etc or even for travel around Europe. According to the government, officials who check the vaccination status will only see a red or green square when they scan for information, indicating ‘état d’un test négatif récent, d’une preuve de rétablissement ou d’un certificat de vaccination’ (recent negative test, proof of recovery or a vaccination certificate,’. so your personal privacy is preserved from the checkers – but not from the hackers.
Enjoy your social media communications, but remember that there are sharks circling in those waters and think twice before you post anything personal, no matter how harmless it may seem.