Open Source in the Digital Green Certificate

11 May 2021

Author: Giulia Guadagnoli

After the publication of the Guidelines on Technical Specifications for Digital Green Certificates (DGC), it is now up to the Member States to deliver the open source reference implementations for the DGC software at a national level.

This story was originally published in the article for the Open Source Observatory (OSOR), a European Commission’s project aiming at providing trustworthy FOSS expertise and information. OFE is a regular contributor to the Observatory.

On 17 March 2021, the European Commission issued a “Proposal for a Regulation of the European Parliament and of the Council on a framework for the issuance, verification and acceptance of interoperable certificates on vaccination, testing and recovery to facilitate free movement during the COVID-19 pandemic”, the so-called Digital Green Certificate (DGC).

Gravitating towards the concept of interoperability in the public sector, the DGC aims to provide a swift response to the Member States’ need to standardise the SARS-CoV-2 infection-related documentation, such as vaccination certificates and test results. To this end, it should include information on whether a person has been vaccinated, has resulted negative or positive to a SARS-CoV-2 infection test, and/or has recovered from COVID-19, with such medical certificates being processed in standardised and secured formats to ensure acceptance throughout the EU. The main goal is to allow the European citizens to easily travel again within the EU.

The eHealth Network, an EU voluntary network of national authorities, is responsible for defining the central interoperability elements of the DGC. On 21 April, it updated the Guidelines on Technical Specifications for Digital Green Certificates (Volume 1), which include a data structure and encoding mechanisms based on the production of QR codes that can be stored on mobile devices.

The EU Green Certificate will be rolled out in June

The guidelines have also outlined the EU gateway. If the European Commission has already set it up for the interoperability of apps for contact tracing, it should now also enable the exchange of electronic signature keys to authenticate the green certificates across the European Union.

Lastly, these technical specifications drew the open source reference implementations for the software at the basis of the DGC, together with a reference app to authenticate the green certificates as well as a template for an app to store them on mobile devices. At this point, every Member State will have to deliver these open source solutions at national level, building on this EU-led endeavour.

With reference to the guidelines, Internal Market Commissioner Thierry Breton stated that they are “a key milestone for setting up the Digital Green Certificate’s infrastructure at EU level. These guidelines, adopted unanimously by national experts, show Member States’ commitment and readiness and will provide them with the specifications necessary for a quick implementation”. Overall, the deadline for the operation of the EU basic components and for enabling the Member States to connect has been set up by the European Commission on 1 June, with a view to the summer period.