A verification only with CovPassCheck is no longer possible due to the new 2G+ rules in some federal states

[Ein-Tim]

This issue applies to iOS and Android

Avoid duplicates

• Bug is not mentioned in the FAQ
• Bug is not already reported in another issue

Technical details

• Device name: Not relevant
• OS version: Not relevant
• App version: Not relevant

Describe the bug

The CovPass-App currently states:

However, this is not a good advice for people which received the booster, lifing in Baden- Württemberg, Lower Saxony or Rhineland-Palatine and want to attend a 2G+ event. By law, they are not required to get tested before (because they have received the booster shot). So now, they just go to an event and have all their certificates stored in CovPass.
The personal checking the certificates is using CovPassCheck to verify the certificates, however, there is no other way for the person attending the event to proof their booster but scrolling down in CovPass and showing the "3/3" certificate, as CovPassCheck does not differentiate between a normal vaccination certificate and the one from a booster.

Steps to reproduce the issue

1. Life in Baden- Württemberg, Lower Saxony or Rhineland-Palatine
2. Get your booster shot
3. Attend a 2G+ event
4. Notice that when the personal checks your certificates they have no other way to make sure you are booster (and thus aren't tested) but scrolling down in your CovPass app and looking at the 3/3 certificate

Expected behaviour

Not too sure, see "Possible Fix" below.

Possible Fix

CovPassCheck shows more details, e.g. which certificate (2/2, 3/3, etc.) certificate was presented (But this is still not "the" best solution as 2/2 can also stand for a booster).

Edit: The "Saarland" seems to handle it like described above too: https://www.saarbruecker-zeitung.de/app/consent/?ref=https://www.saarbruecker-zeitung.de/saarland/landespolitik/2g-plus-regel-im-saarland-tobias-hans-kuendigt-erleichterung-an_aid-64437555. Edit 2: Bayern too: https://twitter.com/Markus_Soeder/status/1470749609228132355?s=20

[derOtto]

It's the same for the Android app: Digitaler-Impfnachweis/covpass-android#128

[Ein-Tim]

@derOtto

Yes, that's why I added the hint "This issue applies to iOS and Android" to the OP of the issue.
Thanks for linking the related issue!

[vaubaehn]

The basic problem of this issue caused me to open an enhancement request to implement serial scanning of certificates for CovPassCheck: Digitaler-Impfnachweis/covpass-android#107

[derweili]

Not only the CovPassCheck app does not show the info about the booster, but also the label above the QR Code in the CovPass App is missleading:

It says "Vollständig seit: XXX" although this is the date of the Booster.

I know this is an android screenshot but I thought it's better to post it here because the android issue only references to this issue.

[Ein-Tim]

@derweili

I reported this bug a while ago in Digitaler-Impfnachweis/covpass-android#94.

[jkrwdf]

Some German states introducing the "2Gplus"-rule start to add the mitigation that the additional test is not only not-required after a "Booster", but also when the last vaccination of a complete series is not longer than 6 month ago.

Example from today: https://www.baden-wuerttemberg.de/de/service/presse/pressemitteilung/pid/ausnahmen-von-der-testpflicht-bei-2g-plus-1/

With this, the current architecture of CovPassCheck can be saved by printing the date of vaccination of the scanned certificate, or, as for tests, the number of days/months since then, or if the 6 months manifest as standard a data saving "< / > 6 month indicator".

A general "solution" to the German rule mess is IMHO only possible by an approach like with the Austrian "GreenCheck" app, which implements multiple rules and the checker has to select which rule-set shall be checked against.

Some of those rules then even ask refined for the concrete state (here e.g. "Wien or not Wien").

Advantage of this is that the check person can still rely on "Green / Red" and does not need to think about the rules.
Also things like "I have scanned a vaccination certificate which is older than 6 month, therefore now let you show the test document" can be realized this way.

[moabits]

There are also multiple requests on Twitter to show if the certificate is a booster shot in the Check app. With the new legislation as described by @Ein-Tim I would consider this high priority.

https://twitter.com/ti_twr/status/1467168138672418831
https://twitter.com/Nightrun314/status/1467434457447677956
https://twitter.com/Matthias1985/status/1467434213641175041

[alexcimander]

Hey everyone,

first off - thank you for the discussion!

As you all noticed the new 2G+ and 2G+B regulations are highly dynamic and can differ from state to state. We are also aware that our current data-privacy restrictions (which are surely important) further complicate the check possibilities.

We are working on an improvement for 3G / 2G / 2G+ and 2G+B venues/ locations for every state. For now I would kindly ask you to bear with us 🐻

We will keep you updated! 🚧

[jkrwdf]

The "GreenCheck" app of Austria yesterday published an update which now also supports the "2G+" mode.

It then scans two certificates (vaccination/test) sequentially and you get an intermediary result as well as a final result.

Could act as blueprint.

[Free-Beast]

The #covpass generated EU Digital COVID Certificate is such an easy to manipulate pdf file. Just overwrite the number of vaccinations and change the date of vaccination to present date. With this sheet of paper you will get entrance to all 2G+ locations that accept 2G+B. The QR code is shown as valid by #covpasscheck

[moabits]

@Free-Beast I had to read you comment again but now I understand your concern towards verifying booster shots.
With some malicious intent, the same thing would be possible by cloning the CovPass app and displaying bogus data.

In any case, I agree that the Check app desperately needs a redesign for this (new) use case.

[blu83]

Hi everybody here. I used the search function and I read some postings, but could exactly find what I heard.
Please check what I write here if possible. I can't check it by myself yet since I don't know people meeting the requirements to check it. I heared from somebody that certificates of the booster vaccination (e.g. 3rd vaccination 6 months after the first complete vaccination if that was e.g. 2x Moderna) can be imported but aren't valid when showing it e.g. to the guy in the restaurant.
Maybe at this point the program still uses the rules that you're only completely vaccined 14 days after the last vaccination. But I couldn't find such a 14 days rule for the 3rd vaccination at the websites of RKI, Stiko etc. I'm not a professional concerning that rules stuff. I just found that 14 day rule for the last vaccination of the first completion of the basic vaccination (1x Johnson & Johnson or e.g. 2x Moderna etc.). But not for booster (3rd one if e.g. 2x Moderna).

If that's true, the problem would be: The recommendation for booster vaccination is ca. 6 months (5 months are also ok) after the first complete vaccination. Now the certificates are becoming invalid after 6 months by law. That unnecessary 14 day delay would cut the time window of one month for the booster vaccination down to 14 days where to have at least one valid certificate without any interruption.
In December, many people don't have much time because in their jobs many things have to be finished before they can go to their vaccations or are prepairing everything for christmas.
While the christmas days and between christmas an the end of the year, at least in Germany it probably will be a very hard task to find somebody who wants to vaccine you because most people want to be in vaccation (some also a few days before christmas). In some German states that even continues incl. the whole week containing January 6th.
So if your complete vaccination was like at the beginning to middle of July -> plus 6 month -> beginning to middle of January -> minus 14 days unnecessary delay before the certificate of the booster vaccination is shown as valid -> most of the time you are allowed to be vaccined and it's early enough to get the new certificate is a time where's hard to get vaccined. Great :-(

Thank you in advance to everybody who checks that issue and writes here if he can confirm it or not.

[Ein-Tim]

@blu83

Now the certificates are becoming invalid after 6 months by law.

Please, could you provide a link to this law?

To answer your question: 3/3 certificate are immediately valid & don't have a 14 days waiting period.

[blu83]

@Ein-Tim

Please, could you provide a link to this law?

To answer your question: 3/3 certificate are immediately valid & don't have a 14 days waiting period.

Thank you for your answer. Now I found out that I may misunderstood something.
Die Corona-Regelungen auf einen Blick (gültig ab 4. Dezember 2021) (PDF)
https://www.baden-wuerttemberg.de/fileadmin/redaktion/dateien/PDF/Coronainfos/ZZ_Corona_Regeln_Auf_einen_Blick_DE.pdf

Das bedeutet, dass geimpfte und genesene Personen, deren Impfung oder Positiv-Nachweis älter als 6 Monate ist,
einen negativen Schnell- oder PCR-Test vorlegen müssen. Geboosterte Personen und solche, deren Grundimmunisierung oder Genesung weniger als 6 Monate her ist, sind von der zusätzlichen Testpflicht ausgenommen.

Short translation: If things are really worse, your certificate must be max. 6 months old. I understood in the media that "your certificate must be max. 6 months old" is for all situations respecively I mixed it up with discussions to generally time-limit the certificate.

So I think the discussion here before my posting is already leading in the right direction concerning that booster (e.g. 3rd) certificate.

But I will try out my booster certificate together with that software as soon as I'm booster vaccined to check if it really works as it should ;-)

[molk-ibm]

@Ein-Tim

Please, could you provide a link to this law?
To answer your question: 3/3 certificate are immediately valid & don't have a 14 days waiting period.

The reason for the inability to identify J&J and Recovery Boosters is due to an unfortunate decision in the EU to reject the suggestion of member states like Germany to keep the number of doses required for initial immunity and simply increase the number of shots given.
If this had been accepted, the apps could easily identify e.g. J&J boosters as 2/1.
This issue has been brought back on the EU table, so let's see what will happen ...

Marcus

[Ein-Tim]

Transferring the comment Digitaler-Impfnachweis/covpass-android#139 (comment) from @oliver-steinbrecher here:

[…] We're currently refining enhancements to address this situation. Instead of showing more details on the verification result screen in the CheckApp we're going to add verification settings. This setting can be enabled and results in handling 2G+ situations equally with test or booster. Feature is planned to be delivered in release 1.17 .

[banholzer]

Transferring the comment Digitaler-Impfnachweis/covpass-android#139 (comment) from @oliver-steinbrecher here:

[…] We're currently refining enhancements to address this situation. Instead of showing more details on the verification result screen in the CheckApp we're going to add verification settings. This setting can be enabled and results in handling 2G+ situations equally with test or booster. Feature is planned to be delivered in release 1.17 .

Can anybody tell when 1.17 will be there? Current release is 1.13 which was released in November (almost 7 weeks ago).
With this speed we'd need to wait at least until July.

EDIT: obviously this was already discussed in the android issue and requested to be implemented within a shorter time: Digitaler-Impfnachweis/covpass-android#139 (comment)

[oliver-steinbrecher]

We apologize for this delay. Hopefully 1.15 is available beginning of next week. Watch out :)

[Ein-Tim]

@oliver-steinbrecher

In Digitaler-Impfnachweis/covpass-android#139 (comment) you said this will come with 1.17. Was this feature moved to 1.15?

[oliver-steinbrecher]

Sorry for my misleading message. 1.17 will be lunched beginning of February. There have been some delay with the other releases 1.15 and 1.16 . 1.15 will be available hopefully next week

[Ein-Tim]

@oliver-steinbrecher Okay, thanks for the info, but version 1.15 won't solve this issue, correct?

[Ein-Tim]

With version 1.17 which was released today, 2G+ scenarios can now be checked. However, CovPassCheck does not take boosters into account. I will leave this issue open until version 1.18, which takes boosters into account, is released.

[oliver-steinbrecher]

1.18 is going to be Released in roughly two weeks. Development is done and QA phase is running.

[Ein-Tim]

@oliver-steinbrecher

What will be your approach reg. the different rules in the federal states (e.g. booster is only allowed to be 90 days old, etc.)?

[oliver-steinbrecher]

We’re going to leverage different business rules. Planned are currently rules on EU and domestic level. Those will be available in 1.18

[Ein-Tim]

@oliver-steinbrecher

So there will be some kind of menu where the controlling person can select the EU country and the federal state?

[Ein-Tim]

States are lifting their 2G+ restrictions and CovPassCheck can fully be used to check 2G+ scenarios.

Closing as fixed.