As businesses in England open their doors on ‘Freedom Day’ yesterday (July 20), concerns have been raised that people may be falsely getting an NHS COVID pass due to an issue in the system.
the NHS COVID Pass is intended to indicate whether a person has had two vaccinations or received a negative coronavirus test.
When a person submits a negative lateral flow test result through the government website, a QR code is generated on the NHS app, which is valid for 48 hours.
however, an investigation of the i journal, discovered that a negative test result could be falsely reported by entering a fabricated test code on the website, which means the system can easily be exploited.
WHY IS IT IMPORTANT
From July 19 in England, most lockdown restrictions were lifted and many businesses reopened.
While not mandatory, the government has recommended businesses such as theaters, nightclubs and sports venues to use the NHS app to prove customers’ COVID status.
Sites can ask customers to show an app-generated QR code, which can be scanned by staff.
the NHSX website Says: “We encourage the use of the NHS COVID pass in facilities or events where people are likely to be in close proximity to large numbers of people from other households for an extended period of time. “
THE BROADER CONTEXT
The UK government has now said there are no plans to change the sensitivity of the NHS COVID app’s contact tracing function after Transport Secretary Grant Shapps previously suggested the app could be adjusted, after a significant increase in alerts.
From August 16 in England, adults who have had two vaccinations will no longer have to self-isolate after coming into contact with someone infected with the virus.
Meanwhile, in Italy, police said they discovered several bogus EU COVID Digital Certificate programs (EUDCC) online. The EUDCC was officially launched on July 1 and aims to facilitate safe and free movement in Europe during the pandemic, by exempting holders from travel restrictions.
ON THE RECORD
Dr Saif F Abed, Founding Partner and Director of Cyber Security Advisory Services, said: “There will always be flaws in software development, and although COVID-19 vulnerabilities are easily politicized, the main point Takeaway from this report is the need to review the testing and auditing processes of this platform from a technical and, critically, user experience perspective. This will enhance public confidence, engagement and safety.
“It’s interesting that the NHS may be in a relatively strong position on this, as we have mandatory clinical risk management standards (DCB0129 / 0160) that can be used as a framework to ensure that newly deployed solutions are safe and effective on an ongoing basis. “
NHS Digital said IT health news that the Department of Health and Social Affairs (DHSC) is responsible for the NHS COVID pass system. DHSC declined a request for comment.