This project forked from eu-digital-green-certificates/dgca-verifier-app-android
VerificaC19 is the official Italian customization of the EU Digital COVID Certificate Verifier App for the Android Operating System
Home Page: https://www.dgc.gov.it
License: Apache License 2.0
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "github-actions[bot]")
When compared with the Swiss or the Dutch DCG verifier apps, VerificaC19 is error-prone and very slow in reading the QR codes when in nonoptimal circumstances.
When the QR code in frame is slightly rotated or not perfectly centred the app can take many seconds or even totally fail to read the QR code at all.
And even when it does manage to read the QR code it often (in about 1 in 5 cases from my experience) fails to read it correctly and shows the "Certificazione non valida" message.
This is a problem because in some situations (for example at the entrance of big events) it can be difficult and time consuming to frame the code correctly or retry scanning the QR code after it was wrongfully read as invalid.
The QR code gets read and verified in 1 sec. or less and independently of how the QR code is rotated, just like it happens with Verifier apps of other countries.
There's no info on how to use the app.
Add a section/popup to describe the purpose of the app and how to use it
Quando l'app si collega al server del ministero, che dati scarica o invia?
Grazie
Fabio
Missing the permission request for camera when clicking on "avvia scansione"
Classic android permission request "Allow Verifica C19 to use the camera? (Deny - Only this time - While using the App)
Download the App
Try to scan a code
Are the KIDs (and the relative certificates) associated to UK passes provided by the Italian backend.
In other words, does the app need to send GET requests to another endpoint to separately fetch UK certificates in order to validate UK passes or not?
When I scan my Northern Ireland issued NHS QR code with the app, I receive the error message "Certificazione non valida", despite UK QR codes now being accepted.
The QR code should be valid in line with other UK codes.
Scan an Northern Ireland QR code.
Perhaps the NI code has a different key to the rest of the UK, it may be a case of obtaining these keys to convert it into an EU-accepted certificate.
On scanning my NHS Scotland QR code I get following screen saying "Certificazione non valida":
Since NHS certificates are deemed valid, I'd expect NHS Scotland be also accepted.
Scan a QR code issued by NHS Scotland.
I was able to load my certificate to Swiss version of the app (still claiming it's invalid) and the details I see are:
When the app reads a QR CODE a very annoying high pitched sound is played
Use a lower pitched sound.
Something like the iPhone sound for successful transactions for example would be a much more likable sound.
Having a different sound depending on the outcome of the validity check, would also be a nice feature with a practical purpose.
Better user experience
Why this limitation? there are different green pass verification apps
(like the swiss one https://play.google.com/store/apps/details?id=ch.admin.bag.covidcertificate.verifier&hl=it&gl=US)
that works on older version of android, and correctly displays green pass info, can you make this app available for older devices?
Il Codice QR emesso da una nazione estera non viene riconosciuto dall'applicazione Android VerificaC19.
Il codice QR è valido ed è stato ottenuto in una nazione Estera, per cui la applicazione deve poterlo riconoscere come idoneo,
anche se non direttamente emesso da una autorità italiana.
Si chiama Green Pass EUROPEO per questo motivo.
Il bug è stato prodotto nell'azione di Scan Certificate, verso un QR emesso in Spagna, su supporto cartaceo e digitale.
Per riprodurre il bug, si deve possedere un QR non italiano, ma emesso da un'altra nazione, ma valido come gli altri.
Android 8.1.0
Xiaomi Mi A1
To improve the QR reader and to make tests with R not provided by italian authorities.
It's an EUROPEAN pass.
Contact the developers of this application: https://play.google.com/store/apps/details?id=lu.etat.ci.dcc.android
It WORKS better, and it recognize the foreign certificates.
It provides also much more informations about the certificate, and not only if it's valid or not.
Add a webhook to a configurable URL after the validation phase. The content of the webhook could be simply valid or not_valid.
Some environments demand a more automated way for Green Pass verification, mainly to perform an action based on the output of the validation process (validated, not_validated).
The output of a webhook could be a good starting point to prevent the emerging of not Privacy Compliant solutions in the market. At the moment there is not a straightforward and at the same time simple compliant way to do so using VerificaC19, so it could be a feature to simplify this process.
No
I would like a manual trigger to update "dati e regole". It would be implemented as a "refresh" button in the "Dati e Regole" box. This would not replace the automatic periodic update, just enhance it.
At the moment the update only triggers every once in a while. I get the reason (not overloading servers), but sometimes this can be an issue when certificates have been generated only a few minutes earlier, and the user wants to check the validity via the app.
I got my green pass AUTHCODE at 1:30pm today, and I opened the app to check the downloaded QR code at 1:33pm. It was "invalid". I opened the app on another phone at 1:44pm and it was valid. Despite this, I was unable to trigger an update on the original phone, which kept scanning it as invalid for 15 more minutes.
Now, after 30 minutes, both phones recognize it as valid, due to the first one having updated the "Dati e Regole" database, so that was indeed the issue.
This issue is especially relevant for those that rely on a "48 hour" EUDCC for travel: for instance, many airports offer Covid-19 tests right before departure, and the inability to trigger a database update at will could cause delays at the gates when the EUDCC is checked right after having been generated.
No
I click on "avvia scansione" (start scan) and hte app raises a dialog saying "Impossibile scansionare, l'applicazione deve connettersi alla rete almeno una volta per essere utilizzata" (unable to scan, the app needs internet connection at least once to be used).
The phone is connected to internet.
Debugging it, it seems it tries unsuccessfully to access some online resources on sogei.it and it gets access denied.
All authorizations are provided in the settings.
this problem does not occur with the EU and other verification apps.
Any clue?
Allow external Android applications to leverage VerificaC19 QR Code scan and validation process.
Since Vaccine C19 is the ONLY app granted and allowed to validate EU Digital COVID Certificate in 🇮🇹, according to "Garante della Privacy".
Other Android apps maybe interested in redirecting from the app itself their users (in particular events hosts) to theQR Code Scan and validation process of the VerificaC19 app whether it is installed on the device.
One technique could be providing a specific Android Intent that other app may rely on.
Yes
Execution failed for task ':app:testDebugUnitTest'.
There were failing tests. See the report at: file:///Users/macos/Documents/Works/LivioPomi-covid19/it-dgc-verificaC19-android/app/build/reports/tests/testDebugUnitTest/index.html
Just can run app
On some Green passes the scan of the QR code with "Verifica C19" report an invalid certificate.
Scanning the same QR code with another device report a valid certificate and the certificate is confirmed valid by manual verification.
The app "VerificaC19" is expected to not report an invalid reading when the Greep Pass certificate is still in its validity period.
Device: Google Pixel 4a
OS Version: Android 11
App Version: 1.1.0
The issue was resolved by just deleting the android app data from System Settings. An alternative is to uninstall and install again the app from the Play Store.
The issue could be related to a migration bug from an older version to a new version of the app.
The app was installed on the device before the update of the 9 of August then updated through the Play Store.
Ho provato a fare il clone dell'app e compilarla con Android studio. La compilazione va a buon fine, ma, non riesce ad aggiornare dati e regole, guardando i log compare
W/a4.sogei.it/...: type=1400 audit(0.0:240): avc: denied { write } for name="perfd" dev="dm-5" ino=73766 scontext=u:r:untrusted_app_29:s0:c155,c256,c512,c768 tcontext=u:object_r:shell_data_file:s0 tclass=dir permissive=0 app=it.ministerodellasalute.verificaC19
D/OkHttp: --> GET https://testaka4.sogei.it/v1/dgc/signercertificate/status
User-Agent: DGCA verifier Android 30, sdk_gphone_x86;
Cache-Control: no-cache
--> END GET
D/OkHttp: <-- 403 Forbidden https://testaka4.sogei.it/v1/dgc/signercertificate/status (34ms)
Come se venga rifiutata la richiesta.
Come posso fare per risolvere il problema?
Grazie
I tried to clone the app and compile with android studio. The compilation is successful, but fails to update data and rules, looking at the logs appears
W/a4.sogei.it/...: type=1400 audit(0.0:240): avc: denied { write } for name="perfd" dev="dm-5" ino=73766 scontext=u:r:untrusted_app_29:s0:c155,c256,c512,c768 tcontext=u:object_r:shell_data_file:s0 tclass=dir permissive=0 app=it.ministerodellasalute.verificaC19
D/OkHttp: --> GET https://testaka4.sogei.it/v1/dgc/signercertificate/status
User-Agent: DGCA verifier Android 30, sdk_gphone_x86;
Cache-Control: no-cache
--> END GET
D/OkHttp: <-- 403 Forbidden https://testaka4.sogei.it/v1/dgc/signercertificate/status (34ms)
As if the request is refused.
How can I go about solving the problem?
Thanks
I want to know if are available QR codes to test the app and where I can found them to download.
When first name and/or last name are too long, they don't fit the width of the screen
First name and last name should fit the screen width and be clear
Try to scan a certificate that contains a long first name or last name
Allow first name and last name to stay in more than one line.
If a QR code is fully inside of the viewfinder but not fully inside the inner square (the part that's not greyed out) the app won't read the QR code
Other apps (i've tested personally the swiss and the dutch one), while they also have a similar "square" to help the user better frame the code, still read codes if they're not inside of that square.
The app should read QR codes even if they're not fully inside of this inner square.
It will be quicker to read the QR code as it will not be necessary to frame the code perfectly inside of the smaller inner square
Status bar is hidden when certificate info is displayed
Do not hide status bar on certificate info activity
Vorrei sapere nome e cognome di chi ha la responsabilita' di approvare/accettare o di rigettare le richieste di modifica e quali bug risolvere o non riconoscere come tali di questa app nota come Verifica C19.
Grazie.
In this moment the app supports only Android versions >= 8 .
With desugaring and downgrade of the zxing library is possible to downgrade the min sdk to 23
People with android version >= 6 can download the app from the store
I have the certificate for both the first and second vaccinations. They are 2 different QR codes. Both are positively recognized by the app. But once you get the one for the second dose, shouldn't the first dose certificate expire?
The certificate of the first dose should expire when that of the second vaccination is achieved
Scan the QR code of the first dose. Then scan the second dose certificate
I tested all QR codes available here: https://github.com/eu-digital-green-certificates/dgc-testdata/tree/main/IT
The verification fails for ALL of them.
Notwithstanding: 1) I can verify other QR codes (not present in the list above) and 2) other verification apps from UE (and not only) can verify the QR codes given in the link above.
It seems that after the instruction "val key = db.keyDao().getById(kid)" of getCertificate in VerifierRepository, key is null.
What does it mean?
The logo that is shown on the splash screen is low res
Use a higher resolution raster file, or a vector format file (like SVG)
The app will look more polished
When a UK QR code is scanned, the app treats it exactly like an EU Digital Covid Certificate. If it finds one dose of a two-dose vaccine, it says the pass is valid only in Italy. If it finds two doses, it says the pass is valid in Italy and Europe.
However, not all european countries recognize the NHS Covid Pass (UK) as equivalent to the EUDCC.
The app should correctly identify the QR code as a valid two-doses vaccine certificate from the UK (or other types), and inform the user that it is valid in Italy and in some european countries that chose to accept the pass, but not all.
Scan any NHS Covid Pass (two doses)
Change the wording when the issuing country is the UK
Certificazione valida in Italia e in alcuni paesi Europei
Cosa si può fare con la certificazione verde COVID-19 (same as the original)
Attenzione! Il pass britannico 🇬🇧 è riconosciuto solo da alcuni paesi dell'Unione Europea. (small, orange font)
According to newspapers, if a person who was vaccinated gets infected, his green pass is revoked.
Can verificac19 check a list of revoked green passes? How is this implemented with offline verification?
Buongiorno, vorrei suggerire la possibilità di valutare l’implementazione di recepire il qrcode senza aprire la fotocamera ma direttamente da scanner del dispositivo su cui è installata l'app.
Molti dispositivi che già leggono ad esempio i codici dei biglietti di ingresso potrebbero sfruttare lo scanner del dispositivo senza dover passare dalla fotocamera.
Noi ad esempio usiamo questi terminali https://www.zebra.com/it/it/products/spec-sheets/mobile-computers/handheld/tc21-tc26.html già dotati di scanner ma dobbiamo comunque inquadrare il qrcode della certificazione verde con la fotocamera perché ad una scansione tramite scanner l'app VerificaC19 non risponde.
Grazie e buona giornata
No
This app should recognize the UK NHS QR code, since they are equipollenti
Italian expats that vaccinated in UK, returning to Italy for summer vacation, cannot get a coffee or go to the restaurant
I can't do anything without this
No
Aggiungere la possibilità di ricevere il contenuto del QR Code mediante intento per poi processarlo di conseguenza. Tutti i lettori professionali di Zebra, Datalogic ed Honeywell (i principali fornitori) possono essere configurati per inviare il risultato della decodifica mediante intento ad una applicazione target questo permetterebbe di implementare soluzioni con standard di lettura professionali.
Sono un responsabile software della Datalogic S.p.A. e mi occupo specificamente della sezione di barcode decoding sui nostri prodotti Android based. Ho personalmente verificato come le prestazioni di decodifica su molti telefoni risultino difficoltose e lente. Ritengo sia necessario permettere di implementare soluzioni professionali considerando che si va sempre più verso verifiche di massa del Green Pass e si deve garantire un processo. Questo richiede l'integrazione di librerie di decodifica professionali sulla applicazione verifica C19 o l'utilizzo di lettori specifici che già le integrino e che al contempo possano ospitare l'applicazione verificaC19. Se siete interessati possiamo collaborare nel rendere l'applicazione integrabile su lettori di barcode professionali (non solo quelli Datalogic, un supporto general purpose, si intende) anche se la modifica proposta è realmente molto semplice da implementare. Se foste interessati all'utilizzo delle nostre librerie posso sentire in azienda un referente con il quale discutere la cosa. Sono un tecnico ma ritengo che una collaborazione tra lo Stato Italiano ed una azienda Italiana tra i leader mondiali del barcode decoding possa essere interessante da ambo le parti. Se volete contattarmi:
sulla soluzione tecnica per rendere la app ready all'utilizzo su prodotti Datalogic,Zebra, Honeywell etc... siamo disponibili a collaborare fin da subito. Sarebbe un miglioramento significativo per l'applicazione in contesti stressanti.
Yes
Per quale ragione il codice non è presente tra quelli messi a riuso dalle PA sul catalogo di Developers Italia
così come prevedono le linee guida AgID che attuano quanto previsto dagli articoli 68 e 69 del CAD?
In the Android application it is sufficient to modify the device date to change the validity of a certificate. For example, by anticipating the date of the device, a certificate that has already expired can be verified.
The date and time should be taken from a certified and unique source, such as a government server, rather than the device date.
From the system settings it is sufficient to change the date of the device to change the result of the verification. It was tested with a certificate issued 11 days after the first dose, therefore not yet valid by law and rightly detected as not yet valid by the app with correct device date settings. Changing the date to a later date 15 days from the dose, then from the date of entry into force of the certificate, and performing the scan again, this gives a positive result.
Any Android device
The date and time should be taken from a certified and unique source, such as a government server, rather than the device date.
Ability to choose the camera to be used for scanning QR code VerificaC19 - Android
VerificaC19 don't let you choose the camera for scanning QR code. By default works only on retro camera of Android devices.
I would like to use front camera on a tablet device that should be fixed to the wall instead of being used by keeping on hands.
I cannot find a way.
Hi,
when I compile in Android Studio v. 4.2.2, exit with error:
it-dgc-verificaC19-android\app\src\main\java\it\ministerodellasalute\verificaC19\ui\main\verification\VerificationViewModel.kt: (96, 51): Type mismatch: inferred type is ByteArray? but ByteArray was expected
what can I do?
all necessary sources are updated by github
thanks
Attualmente per caricare l'app è prevista la presenza di Android 8 o successivi e questo taglia fuori un gran numero di smartphone dalla possibilità di scaricare l'app.
Visto che app similari come quella svizzera (che verifica senza problemi i green pass italiani) prevedono di potere essere scaricate anche con Android 6, si suggerisce di aggiornare il codice per permettere anche ai possessori di smartphone con Android 6 e 7 di scaricare l'app.
Il progetto svizzero è raggiungibile al seguente indirizzo:
https://github.com/admin-ch/CovidCertificate-App-Android
As from GPDP requirements, verifiers should NOT be able to have any information about the type of vaccination or health state of the verified user.
With commit 8665458 a few icons are shown depending from the state of the vaccinations. This is agains the GPDP recommendations.
When a partially valid certificate is scanned (that is: 1 dose out of 2 and current time is inside the validity window), GREEN checkmark should be displayed. When the validity window is NOT yet started (i.e. current time is before starting time) RED cross should be displayed.
When a partially valid certificate is scanned (that is: 1 dose out of 2 and current time is inside the validity window), BLUE checkmark is displayed. When the validity window is NOT yet started (i.e. current time is before starting time) BLUE mark is displayed.
Currently, the app is available in (Android) Google Play Store and Huawei AppGallery. So-called "degoogled" phones have no "Play Store" or AppGallery access, mostly because they run on modified/unofficial firmware (for example: LineageOS) and/or smartphone owners might not like proprietary software and/or smartphone owners might be banned by Google for any reason.
I suggest to support inclusion in F-Droid. This requires a build that follows their inclusion policy.
In addition to, or alternatively, I suggest to build an APK and release it here on GitHub (possibly using only free dependencies).
Supporting F-Droid and freely available APKs will help the community, as no private company can interfere with the app distribution. Use free libraries means that no bad behaviors can be injected into apps (no tracking, etc).
If you don't want to support F-Droid or freely available APKs, would you authorize a community-driven fork to access to get.dgc.gov.it APIs?
Salve,
è possibile utilizzare la canera frontale per la scansione?
Can someone give the page address of "Ministero della Salute" containing the annexes ("allegati") of DPCM 17 06 2021?
When a QR code is being verified and the app shows the personal data of the user only the original type of the name is visible.
Instead , ( like similar apps from other european countries do ) the app should also show the STANDARDISED type of the name and the last name. This will be useful when the original name and the original last name of the user is using non-latin characters ( for example a person with two nationalities ) and the verification process through an identity card from an authority in Italy will be easier.
The app should also show the STANDARDISED type (with latin characters) of the name and the last name in the verification fragment.
In order to do that, only one line should be edited :
LINE 247 -->
FROM :
binding.nameStandardisedText.text = ""
TO :
binding.nameStandardisedText.text = person.standardisedFamilyName.plus(" ").plus(person.standardisedGivenName)
Hi, how ca we use front camera? there is a way?
Because the source code is available it may be downloaded, modified, built and installed on a smartphone. The modifications may be done to perform several type of frauds. The main problem is that a person showing his green pass QR to a verifier is not able to distinguish a valid and genuine app by an altered app.
So, I think is mandatory to modify/enhance the app in a way to assure it is genuine and its code is not different from the official one.
Without this feature this sw is an open door to potentially access and save personal and private data of every italian citizen in violation of privacy and GDPR rules and a facilitation to commit other crimes and frauds.
Related to #68 I was wondering if it is really true that this app is the only one allowed to verify the green pass.
I ask this because I see different commercial apps who say they are able to verify the green pass directly in-app.
Technically speaking, I think is possible...but is it legal?
Thank you very much in advance for your kindness.
Attualmente l'applicazione verifica la validità del certificato per la data odierna (in realtà quella corrente del telefono), non potendo esporre per ragione di privacy la data di scadenza.
Nel caso di validità del certificato, segnalare se sarà ancora valido dopo un dato range di tempo, poniamo un mese. Questo dovrebbe garantire la privacy, in quanto sapere ad esempio che dopo un mese un pass non sarà valido non comporta necessariamente di ottenere se si tratta di pass ottenuto tramite tampone, guarigione o vaccino.
Permettere controlli agevoli soprattutto per situazioni dove le persone permangono per un lungo tempo, es. Personale scolastico, clienti degli alberghi...ecc
EDIT For those who have only the first dose, the app does recognize the QR code and says "Certificazione valida solo in Italia" (as it should be). So the bug only concerns the 1st dose QR code on the UK covid pass for those who have got both doses. In this case, only the QR code for the second jab works, and if trying to scan the code for the first dose the app says "Certificazione non valida".
The app only recognises 2nd dose QR codes, but some people have only the 1st dose which should be equipollente according to the government guidelines.
The app should have accepted the QR code for 1st dose of UK administered vaccine.
Validate also 1st dose QR code.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
