British cyber technology company VST Enterprises (VSTE) has today launched the worlds first public ‘FIT TO FLY’ secure health passport designed for air travel. The cross border platform called V-Health Passport™ can already be downloaded from the Apple App Store or Google Play by searching for ‘VPassport’ or by visiting www.v-healthpassport.co.uk.
It is the worlds first publicly available secure digital health passport that the public can download and use alongside any form of Covid 19 testing and vaccination that does NOT use unsecure bar codes and QR code technology. Airlines and transport carriers can also download and use the system.
It comes at a time when security over the use of bar codes and QR codes in airline travel has come under intense scrutiny following the cyber attack on the former Australian Prime Minister Tony Abbot. The former PM had his Qantas airline boarding pass hacked. Details including his passport, mobile phone and messages between Qantas staff about him were intercepted. The wider threats of fake Covid 19 test certificates have also been prevalent with an alarming rise in the sales of fake Covid 19 certificates booming in Russia and the Middle East.
VST Enterprises the Manchester based cyber security and technology is the first company in the world to have a fully functioning LIVE heath passport that can be used cross border and across all transport by air, land and sea.
The V-Health Passport™ is the worlds most secure health passport using next generation VCode® code scanning cyber security technology. Using the most advanced closed loop technology with end to end encryption, V-Health Passport™ has 2.2 Quintillion collision free combination codes. These decode based on geo location, time & date, device type and user login… meaning it cannot be hacked.
It can provide airline passengers and airlines with a secure digital passport that validates the passengers’s identity, authenticates their Covid 19 test result and vaccination/immunisation details in one secure app. The V-Health Passport™ also uniquely provides airline passengers and airlines with a contact tracing technology which uses anonymised data.
Unlike other health passports, V-Health Passport™ has been designed with a citizens privacy front and centre. The technology does not track your live location and provides all data in a secure GDPR compliant framework giving citizens a unique ‘self sovereign identity’ style technology putting them in control of who, when and how they share their data.
VSTE CEO and inventor of the VCode technology and V-Health Passport™ Louis-James Davis said: “We are the first technology company in the world to have developed a secure, multipurpose, cross corporate & cross government digital health passport that does not rely on using bar codes or QR codes as its authentication technology. Both bar codes and QR codes have huge potential security implications as they can be cloned and hacked with the latter being subject to a process called ‘Attagging’. Therefore any suggestion of using this type of technology in a health passport for air travel has very real security risks. Not only is a citizen’s personal information at risk, but their Covid test status, vaccination records and also their credit card information. All of this can lead to the very real potential of a massive data breach and a persons personal information and data hacked and stolen. This is of particular concern when using a bar code or QR code technology designed for use to authenticate a persons Covid 19 testing and/or vaccinations records.”
With the alarming increase and black market trade in fake Covid 19 test certificates this also puts a very real threat and risk to passenger safety on airline carriers with the potential to infect and contaminate other passengers on what would be a Covid safe bubble onboard an aircraft.
It is well documented that bar codes and QR codes can be hacked so any airline who considers using a health passport for Covid 19 testing and vaccination using this method of authentication risks a serious potential breach of its passenger data. In 2018 British Airways was fined a record £20M for a data breach on 400,000 of its customers which affected their personal and credit card data.
Louis-James Davis went on to state that both bar codes and QR codes - which represent first and second generation technology - are unsecure and vulnerable to hacking.
“QR codes were originally developed as a scanning technology for close proximity car parts tracking, a world away from identity and banking use cases and now digital health passports. It was then used to skip the input of websites in marketing and promotional purposes. They were never designed with security or privacy in mind… they are simply not fit for purpose and should not be used at all in any form for delivery of sensitive information, travel or event tickets or health passport.
QR codes can be subject to a process called ‘Attagging’ or ‘cloning.’ The process of ‘Attagging’ is where a ‘genuine QR code’ is replaced by a ‘cloned QR code’ which then redirects the person scanning that code to a similar website where personal data can be intercepted and breached. The problem is that serious that in India alone there are over 1 BILLION fraudulent financial transactions each day using QR codes. As the scanning user journey is the same, it is only tech savvy individuals that may notice the domain name has changed.”
As reported by a recent Forbes Magazine investigation, it is predicted that over 11 Million households in the US alone will scan a QR code this year and the majority of them, some 71% of people who have interacted with a QR code will not know if it is the start of a malicious hack. It is envisaged that over 5.3 Billion QR codes will be redeemed this year making it one of the fastest growing tech scanning interactions and also posing one of the greatest cyber threats.
QR codes can be cloned and redirected to other information points or websites. Often criminals and hackers will exploit this by putting a fake QR code over a genuine QR code. So a QR code for example on scanning would link to the genuine website www.similardomain.com but a fake QR code can be made up printed off and placed over the genuine code to redirect to www.similar-domain.com at this point the member of the public is tricked into entering their personal information, private data and financial information. The rogue website looks and feels exactly like the genuine one and is made to mirror it precisely.
VCode® which is the ultra secure digital code which powers the V-Health Passport™ cannot be cloned. Even if it was printed off, or a photograph was taken and placed over a VCode® or V-Health Passport™ it simply wont scan as it works on a call and response system of information between the code and web platform to verify location of the code, user ID and time and date and much more.”
Louis-James Davis added: “We developed and built the V-Health Passport and health wallet to be the most secure technology on the planet that you could use as a health passport where you could combine your test status, vaccination record, boarding pass, airline ticket, music or sports ticket all in one app.
With V-Health Passport™ we wanted to provide functionality and greater mobility to allow citizens to return to work, be fit to fly or return to the sports stadiums. But at the heart of the technology was the ability to protect and respect data privacy of the individual.
The lack of engagement and interaction by the public with Government track and trace app/s over the pandemic was over privacy, security of data and the tracking of a persons live location. This is why we have built a unique system in the vein of ‘Self Sovereign ID’ with the ethics of privacy & security by design. The V-Health Passport™ puts the citizen in control in a way which they share information with who, when and where. “
V-Health Passport™ will help employers safely return their employees back to their offices, factories and warehouses. It will facilitate airlines to allow their passengers to be fit to fly and avoid the need for quarantine restrictions. At the same time it will ensure their airline ticket or boarding pass is secure and won’t be hacked.
A citizen will be able to share their health pass and confirm their Covid test status, or present their vaccination record. They will also be able to show their credit score, work permit or visa, scan their travel or event pass. At the heart of each interaction they will have peace of mind that their data and information is highly secure and ultimately, they control who sees what, who scans what, where and when.