HealthCerts - Digital Standards and Schema

PRODUCT MENU

HealthCerts

For most countries, extensive vaccination drives are underway to innoculate populations against COVID-19 and its variants. There are ongoing discussions on how vaccine-certificates can be part of the effort to reopen the global economy and enable cross-border travel. Currently, proof of COVID-19 Pre-Departure Test (PDT) result and/or vaccination records, in the form of certificates, is needed for travel. As certificatess (whether paper or digital form) could be susceptible to forgery, HealthCerts is tamper-proof, secure (i.e. prevents unauthorised access) and can be digitally stored/transmitted for greater convenience.

We published HealthCerts - a globally inter-operable standard for PDT results and vaccination certificates to facilitate the safe resumption of travel. The digitally authenticated and endorsed certificates are designed to be easily shared and provide added assurance to the traveller as well as authorities.

HealthCerts is also designed to support an open ecosystem and public-private partnerships. Singapore welcomes partners to further the work in this space, including further enhancing interoperability, privacy, and verifiability of digital certificates. Please contact us at info@tech.gov.sg should you have further queries.

Integration and Interoperability

Technical resources to issue, verify or store digital certificates
HealthCerts partners

More information can be found here:

Collaborate on HealthCerts

Medium Blog about HealthCerts - Part 1

Medium Blog about HealthCerts - Part 2

Medium Blog about HealthCerts - Part 3

About HealthCerts

HealthCerts is a set of digital open standards and schema for issuing digital COVID-19 test results/ vaccination certificates, in line with international standards and the Singapore Government's requirements. This will allow the global community to collectively improve it so that governments and public health authorities may adapt it.

Developed by the Government Technology Agency (GovTech) in collaboration with the Ministry of Health (MOH), the use of HealthCerts to enable an interoperable, verifiable, and tamper-proof solution which will smoothen and expedite check-in processing and customs clearance at foreign and local immigration checkpoints.

HealthCerts is interoperable with private sector solutions such as the Affinidi Unifier app. These certificates are also tamper-proof (data stored is immutable) and secure, protected against unauthorised access. The digital certificate stores identity details (name, national identity number, DOB etc.) and test details (type, status, date, medical institution details).

For added assurance, digital certificates may be digitally authenticated and endorsed by the Government through Notαrise to ease downstream verification. Verify provides an easy, reliable way to ensures digital certificates have not been tampered with and issued/digitally authenticated and endorsed by a recognised entity.

Back to top

Integration and Interoperability

Technical resources to issue, verify or store digital certificates

Issue a Health Certificate

The HealthCerts schema has been published here. All digital pre-departure test results issued in Singapore shall comprise of the data elements defined in the schema. During presentation, these are the minimum data types that need to be displayed.

Data fields as defined in schema.
QR code which shall contain the following components:
- A link to fetch the HealthCerts.
- Decryption key to decrypt HealthCerts payload.
- URL to perform verification of HealthCerts.
- Encryption shall be based performed using oa-encrypt.
QR code shall be readable by any standard QR code reader (non-proprietary formatting).

This requirement for shall apply to the various modes of certificate delivery, which could include sharing via:

HealthCerts document or email which contains the memo and QR code.
Mobile application which renders the HealthCerts document as a decentralised document.

The purpose of the decentralised document renderer is to allow OpenAttestation (OA) document issuers to style their documents without code change to the different implementations of the document viewer. It does so by embedding the website specified by the document issuers as an iframe or webview (for mobile apps) and sending the content of the OA document into the iframe. More details can be found here.

Authenticate, Endorse and Verify a Health Certificate

For added assurance, Digital Certificates may be digitally authenticated and endorsed by the Government through Notαrise to ease downstream verification by ensuring:

Untampered content - Authenticate the veracity of the Digital Certificate against blockchain hash value.
Trusted provenance - Verify the legitimacy of Digital Certificate according to our travel policy requirements and checks that the laboratory (or clinic) is authorised to issue Digital Certificates.
Rightful ownership - Stronger identity assurance when presented on the Singpass app for prevention against impersonation.

To authenticate and endorse a digital certificate for recognition at the airport and overseas, travellers will need to visit Notαrise (https://www.notarise.gov.sg) and upload their digital document. Upon successful authentication and endorsement, travellers will receive a digital certificate containing a QR code through email, and/ or via Singpass app (see below for a sample). Authenticated and endorsed digital certificates using the HealthCerts schema are issued by Singapore’s Ministry of Health which will be recognised overseas. HealthCerts offers online QR code solutions.

Verify provides an easy, reliable way to ensures digital certificates have not been tampered with and issued/ authenticated and endorsed by a recognised entity. HealthCerts can be verified online at verify.gov.sg. It can be read by any QR reader or camera-enabled mobile device without the need for a proprietary software to render a human-readable, authenticated certificate. Countries’ border authority would simply require internet connectivity and whitelist the verify.gov.sg domain.

Verify’s open-source information can be found at https://github.com/Open-Attestation/verify.gov.sg.

We welcome private sector entities develop their own versions of Verify with their own list of recognised COVID labs or foreign authorities.

Existing private sector use case such as:

Affinidi Unifier app provides document verification services for attesting document authenticity and validation to airlines and airports. This is similar to Verify.
IATA conducts verification against the rules engine of other countries to determine if the test certificate meets the destination country requirements.

Store a Health Certificate (Digital Wallets)

We have open-sourced the reference implementation, which allows third-party digital passport solutions to store and share HealthCerts on mobile wallets - https://github.com/Open-Attestation/identity-wallet. For example, ICC’s AOKpass, Accredify’s Digital Health Passport, myHalza Pass and IATA Travel Pass app can already do so.

Back to top

Open Attestation Framework

HealthCerts is powered by OpenAttestation, an open-source framework using blockchain to issue cryptographically trustworthy documents which can be verified independently without the need for proprietary software equipment. OpenAttestation is the base framework behind HealthCerts, OpenCerts, and TradeTrust.

OpenAttestation is an open-source framework for verifiable document and transferable records. For more information, you may visit https://www.openattestation.com/docs/getting-started

HealthCerts partners

List of HealthCerts Providers

Providers below provide issuance service to clinics and labs such as Innovative Diagnostics, Gleneagles Hospital and Parkway Shenton Medical Group in Singapore and globally. Currently we have 14 providers that are connected to over 700 institutions which have presence in around 30 countries/regions such as Canada, France, Hong Kong and Indonesia.We welcome private sector entities to sign up as partners to issue digital certificates compliant with the HealthCerts schema by contacting us at info@tech.gov.sg.