DIVOC’s EU-DCC Adapter Service

Conversion utility for generating EU-DCC compliant QR code

What will it cover?

1. DIVOC’s EU-DCC adapter service: Technical details

2. EU’s technical specification for third-countries

What is DIVOC’s EU-DCC adapter service?

DIVOC is an open-source platform that can be used to issue and verify certificates that are consistent with WHO’s minimum data set specifications. Digital certificates issued by DIVOC are based on the globally accepted W3C Verifiable Credential Data Model. Besides the native DIVOC COVID-19 certificate format, DIVOC has enabled an adapter that can convert a native W3C DIVOC issued certificate QR into an EU Digital COVID Certificate (DCC)-compliant QR code.

Need for the EU-DCC adapter service

The EU has published technical and operational specifications for third countries to onboard the EU gateway and facilitate smooth travel for their citizens by enabling digital verification of citizens’ COVID-19 vaccine certificates issued by the home country.
The key design principles on which DIVOC has been built are 'interoperability' and 'coexistence.' The EU-DCC adapter has been developed to ensure interoperability and verifiability of the DIVOC’s natively issued certificates with EU verifier apps.
This utility was required to facilitate restriction-free travel for residents from DIVOC’s adopter countries by enabling conversion of a DIVOC-issued vaccine certificate to an EU-DCC QR code.

Sample EU-DCC certificate PDF template

How does the conversion utility work?

The utility is an on-demand service enabled by the DIVOC platform. The service can be triggered by using an “export as” function or calling an API for the EU adapter service. The service uses DIVOC’s “fetch service” to fetch an already issued, digitally signed DIVOC certificate post the holder authentication. Once the W3C JSON is fetched, the adapter takes inputs on holder details, vaccine event, and issuer information from the JSON and converts it into an EU-DCC QR code. The EU-DCC QR payload is then digitally signed using the ECDSA cryptographic signature algorithm. DIVOC facilitates the digital signing of the QR via a self-signing process, by using a DIVOC generated public-private key pair. Alternatively, it also supports signing the QR code using a public-private key pair issued by a country’s root certificate authority.

Steps to generate an EU-DCC compliant QR code

To generate a valid EU-DCC compliant COVID-19 certificate for travel into the EU member states, the authorised user (certificate holder) can first provide the enrollment code (of his/her COVID-19 certificate that was generated by the issuing authority) via the national system used by the country to download these certificates.
To ensure the privacy and security of the certificate holder, DIVOC authenticates the user via a “mobile OTP” or a “user-password” authentication method.
DIVOC’s certificate fetch service uses the enrollment code to fetch the correct certificate from the certificate registry.
DIVOC then uses the EU-DCC conversion utility to convert the original W3C JSON payload into an EU-DCC compliant payload.
The payload is structured and encoded as a CBOR with a COSE digital signature. This is commonly known as a “CBOR Web Token (CWT)” and is defined in RFC 8392. The payload is transported in a hcert claim.
This payload is encoded in a QR code and signed using the ECDSA signing method.
DIVOC also supports the generation of a PDF template, as defined by the adopter country. Hence, after a successful conversion process, an EU-DCC certificate document (encompassing both, the EU-DCC QR code as well as the PDF template) is generated.
The user can then download the EU-DCC certificate onto their mobile phone or export the same to an integrated digital wallet platform, authorised by the adopter country.

Sample EU payload

{
	1: "IN"
	6: 1635179074, 
	4: 1735179074,
	-260: {
		1: {
			"ver": "1.0.0", 
			"nam": {
				"fn": "Doe",
				"gn": "John"
			},
			"dob": "1986",
			"v": [{
				"tg": "840539006", 
				"vp": "1119349007", 
				"mp": "Covishield", 
				"ma": "ORG-100001981", 
				"dn": 1, 
				"sd": 2, 
				"dt": "2021-10-17", 
				"co": "IN", 
				"is": "Govt Of India", 
				"ci": "URN:UVCI:01:IN:331936150"
			}]
		}
	}
}

References

1. DIVOC’s EU-DCC adapter service: Technical details

Click on the following URL to see the API details: https://egovernments.github.io/DIVOC/developer-docs/api/admin-api.html#../../main/interfaces/certificate-api.yaml
https://github.com/Path-Check/dcc-sdk.js SDK has been used to generate a CBOR/COSE-based verifiable QR credential from the EU certificate payload.

2. EU technical specification for third-countries:

Click here to know more about the EU digital green certificate.
You can check the EU specifications for onboarding third-countries by clicking on the following link: https://ec.europa.eu/health/system/files/2021-07/covid-certificate_equivalence-decision_en_0.pdf.
Click here to see third country COVID-19 certificate equivalence decision checklist.
List of all EU specifications are given here.
To check the JSON specifications, click on the link mentioned below: https://ec.europa.eu/health/system/files/2021-06/covid-certificate_json_specification_en_0.pdf.
For QR code specifications, click on the following link: https://ec.europa.eu/health/system/files/2022-02/digital-covid-certificates_v3_en_0.pdf.
To know the value sets for EU Digital COVID Certificates, click here.
Guidelines on verifiable vaccination certificates - basic interoperability elements, can be accessed here.

All content on this page by eGov Foundation is licensed under a Creative Commons Attribution 4.0 International License.

PreviousDIVOC's Native COVID-19 Certificate Specification NextDIVOC’s SHC Adapter Service

Last updated 1 year ago