The tasks of the Gateway service, which distributes public keys required for verification, have been transferred from the EU to the WHO as of 1 July 2023. The public keys to the signatures of certificates from different countries are distributed through the WHO's Trust Network Gateway (TNG) to national backend systems.
The verification process will remain compliant with the EU COVID-19 certificates, and EU COVID-19 certificates created before 1 July 2023 can also be verified with public certificates distributed through the WHO's Trust Network Gateway (TNG).
In Finland, the national backend systems are managed by the Digital and Population Data Services Agency (DVV):
What data does a machine-readable code include?
The person verifying the certificate can read the data from a machine-readable QR code using a verification application. The data content of the QR code has been signed with a digital signature for ensuring the integrity of the data.
The machine-readable QR code of the EU COVID-19 certificates includes
- personal data
- content data of the certificate
- metadata.
With personal data, the certificate can be linked to the person presenting it. The content data of the certificate is data related to certificate of COVID-19 vaccination, the test certificate or the certificate of recovery. The metadata is for the purpose of implementing the verification process of the data content and the technical identification of the certificate.
More detailed information on the use and data content of the COVID-19 certificates can be found below through the links under Further information.
Technical specification for verifying the data on COVID-19 certificates
The specification documentation for COVID-19 certificates is available on the EU Commission’s website. The documents specify the data content of COVID-19 certificates, the data verification processes and the technical specifications for creating and reading the data.
The configuration documentation is in English.
- eHealth and Covid-19 (ec.europa.eu)
- Technical specifications for EU Digital COVID Certificates - Volumes 1-5 (europa.eu)
In addition to the specifications, the GitHub service also includes example implementations of applications needed for issuing and verifying the COVID-19 certificates.
- European eHealth network - EU Digital Covid Certificate overview (github.com)
- European eHealth network - EU Digital Covid Certificate (github.com)
- FHIR.WHO.SMART-TRUST\Home - FHIR v4.0.1 (worldhealthorganization.github.io)
- WorldHealthOrganization/smart-trust-network-gateway: Repository for the dgc gateway (github.com)
The specifications related to the processing of COVID-19 vaccination certificates in the patient data systems are available on the kanta.fi website: